urlscan.io logo urlscan.io
SecurityTrails logo

www.gmanetwork.com Open in urlscan Pro
2600:9000:223e:7c00:d:a120:a940:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.gmanetwork.com/
Effective URL: https://www.gmanetwork.com/
Submission: On November 23 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 137 IPs in 12 countries across 90 domains to perform 433 HTTP transactions. The main IP is 2600:9000:223e:7c00:d:a120:a940:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.gmanetwork.com. The Cisco Umbrella rank of the primary domain is 227099.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 2nd 2023. Valid for: a year.
This is the only time www.gmanetwork.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:223... 16509 (AMAZON-02)
6 2600:9000:223... 16509 (AMAZON-02)
15 2a00:1450:400... 15169 (GOOGLE)
4 199.91.74.174 21859 (ZEN-ECN)
21 2600:9000:223... 16509 (AMAZON-02)
3 18.245.60.48 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 151.101.67.52 54113 (FASTLY)
2 2600:9000:264... 16509 (AMAZON-02)
11 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 23.35.237.151 16625 (AKAMAI-AS)
1 130.162.160.243 31898 (ORACLE-BM...)
1 129.213.64.139 31898 (ORACLE-BM...)
9 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
3 2620:116:800d... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 178.79.242.16 22822 (LLNW)
1 52.207.175.30 14618 (AMAZON-AES)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 13.32.22.213 16509 (AMAZON-02)
1 3.1.39.24 16509 (AMAZON-02)
2 34.107.231.31 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42::714 54113 (FASTLY)
2 18.245.86.36 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
3 195.8.215.137 41690 (DAILYMOTI...)
3 188.65.124.90 41690 (DAILYMOTI...)
1 99.86.4.71 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 184.30.211.26 16625 (AKAMAI-AS)
2 65.9.66.97 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
8 188.65.124.59 41690 (DAILYMOTI...)
10 2a02:2638:3::3 44788 (ASN-CRITE...)
1 2600:9000:225... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
32 23.48.23.49 20940 (AKAMAI-ASN1)
2 176.34.182.11 16509 (AMAZON-02)
5 9 2a02:2638:3::c 44788 (ASN-CRITE...)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
5 141.95.98.65 16276 (OVH)
3 18.66.138.185 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:236... 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
6 3.126.74.214 16509 (AMAZON-02)
3 34.120.63.153 396982 (GOOGLE-CL...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
3 147.75.84.158 54825 (PACKET)
3 96.46.186.57 7979 (SERVERS-COM)
2 13 37.252.171.53 29990 (ASN-APPNEX)
3 23.218.209.56 16625 (AKAMAI-AS)
1 185.239.172.170 55081 (24SHELLS)
3 2606:4700:440... 13335 (CLOUDFLAR...)
3 2602:803:c003... 26667 (RUBICONPR...)
3 2a02:2638:3::7 44788 (ASN-CRITE...)
5 216.52.2.91 32475 (SINGLEHOP...)
3 185.106.140.18 7979 (SERVERS-COM)
3 162.210.196.208 30633 (LEASEWEB-...)
4 51.89.9.252 16276 (OVH)
1 185.83.69.58 55081 (24SHELLS)
1 35.244.159.8 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
3 23.48.23.23 20940 (AKAMAI-ASN1)
1 2a0c:5c87:523... 55081 (24SHELLS)
2 34.95.69.49 396982 (GOOGLE-CL...)
1 188.65.124.91 41690 (DAILYMOTI...)
5 43.129.34.52 132203 (TENCENT-N...)
4 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
1 188.65.124.66 41690 (DAILYMOTI...)
2 162.19.138.117 16276 (OVH)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
5 2001:4860:480... 15169 (GOOGLE)
1 74.125.133.156 15169 (GOOGLE)
1 35.241.31.249 396982 (GOOGLE-CL...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 151.101.194.49 54113 (FASTLY)
5 15 142.250.186.98 15169 (GOOGLE)
1 1 35.194.66.159 396982 (GOOGLE-CL...)
1 1 35.186.193.173 15169 (GOOGLE)
2 54.195.247.153 16509 (AMAZON-02)
1 81.17.55.171 60781 (LEASEWEB-...)
1 1 35.214.224.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
1 4 178.250.1.9 44788 (ASN-CRITE...)
1 35.227.252.103 15169 (GOOGLE)
2 198.47.127.19 62713 (AS-PUBMATIC)
1 3 69.173.144.139 26667 (RUBICONPR...)
1 3 23.35.237.56 16625 (AKAMAI-AS)
3 142.250.186.166 15169 (GOOGLE)
4 7 104.18.36.155 13335 (CLOUDFLAR...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
2 178.250.1.6 44788 (ASN-CRITE...)
2 2a02:2638:3::1a 44788 (ASN-CRITE...)
2 52.58.92.77 16509 (AMAZON-02)
3 23.36.156.23 16625 (AKAMAI-AS)
1 185.86.138.146 201081 (SMARTADSE...)
1 141.226.228.48 200478 (TABOOLA-AS)
2 13.248.245.213 16509 (AMAZON-02)
2 3.71.149.231 16509 (AMAZON-02)
2 37.157.3.20 198622 (ADFORM)
1 54.155.236.110 16509 (AMAZON-02)
1 2 52.50.106.246 16509 (AMAZON-02)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 54.93.209.232 16509 (AMAZON-02)
1 63.35.59.59 16509 (AMAZON-02)
1 64.202.112.255 22075 (AS-OUTBRAIN)
1 198.47.127.205 62713 (AS-PUBMATIC)
1 34.247.98.157 16509 (AMAZON-02)
1 18.196.51.148 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 23.35.237.75 16625 (AKAMAI-AS)
1 54.194.96.15 16509 (AMAZON-02)
1 52.211.88.8 16509 (AMAZON-02)
1 3.141.120.20 16509 (AMAZON-02)
1 131.153.158.209 60558 (SECUREDSE...)
3 52.223.40.198 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 23.218.210.30 16625 (AKAMAI-AS)
1 2606:4700:e4:... 13335 (CLOUDFLAR...)
1 69.173.144.138 26667 (RUBICONPR...)
1 2 192.96.203.13 ()
1 1 8.2.110.113 ()
2 209.192.201.180 ()
1 2a02:6ea0:c70... ()
1 2a02:6ea0:c70... ()
1 23.35.236.201 ()
433 137
1    2600:9000:223e:fa00:d:a120:a940:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.gmanetwork.com
6    2600:9000:223e:7c00:d:a120:a940:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.gmanetwork.com
15    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
4    199.91.74.174 (Mexico)

ASN21859 (ZEN-ECN, US)
scripts.jixie.media
21    2600:9000:223c:c00:c:3460:340:93a1 (United States)

ASN16509 (AMAZON-02, US)
aphrodite.gmanetwork.com
3    18.245.60.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-48.fra60.r.cloudfront.net
images.gmanetwork.com
5    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    151.101.67.52 (United States)

ASN54113 (FASTLY, US)
rtbcdn.andbeyond.media
rtbpass.andbeyond.media
2    2600:9000:2646:cc00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
11    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com
z.moatads.com
svastx.moatads.com
1    130.162.160.243 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)
mb.moatads.com
1    129.213.64.139 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
gma.gscontxt.net
9    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
11    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
5    178.79.242.16 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net
statics.dmcdn.net
vendorlist.dmcdn.net
1    52.207.175.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-175-30.compute-1.amazonaws.com
ping.chartbeat.net
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
rtbdemand.apiip.net
3    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    13.32.22.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-213.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    3.1.39.24 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-39-24.ap-southeast-1.compute.amazonaws.com
prebid.andbeyond.media
2    34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com
p.adlooxtracking.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
2    18.245.86.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-36.fra60.r.cloudfront.net
images.gmanews.tv
1    2600:9000:223c:1a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
3    195.8.215.137 (France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: lrpwww.dailymotion.com
geo.dailymotion.com
3    188.65.124.90 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: fp.dc3.dailymotion.com
api.dailymotion.com
www.dailymotion.com
1    99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
2    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
8    188.65.124.59 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ebed2.dm.gg
pebed.dm-event.net
10    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2600:9000:2250:1a00:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
2    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
2    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
32    23.48.23.49 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-49.deploy.static.akamaitechnologies.com
s1.dmcdn.net
s2.dmcdn.net
static1.dmcdn.net
2    176.34.182.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-182-11.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
9    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
5    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
3    18.66.138.185 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-138-185.fra60.r.cloudfront.net
aax.amazon-adsystem.com
5    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
17    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
1    2600:9000:236e:200:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
wrappers.geoedge.be
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
6    3.126.74.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-74-214.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
3    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
3    2606:4700:20::ac43:49e4 (United States)

ASN13335 (CLOUDFLARENET, US)
rtb.adpone.com
3    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
13    37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
3    23.218.209.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-56.deploy.static.akamaitechnologies.com
a.teads.tv
1    185.239.172.170 (United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
3    2606:4700:4400::6812:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
3    2602:803:c003:200::43 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
5    216.52.2.91 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
3    185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)
rtb.adxpremium.services
3    162.210.196.208 (Lanham, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
4    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    185.83.69.58 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)
ghb1.adtelligent.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
1    2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
5    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    23.48.23.23 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-23.deploy.static.akamaitechnologies.com
static1.dmcdn.net
1    2a0c:5c87:5239::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)
ghb2.adtelligent.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
1    188.65.124.91 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: st.dc3.dailymotion.com
speedtest.dailymotion.com
5    43.129.34.52 (Jakarta, Indonesia)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
traid.jixie.io
4    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
17    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    188.65.124.66 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com
dmxleo.dailymotion.com
2    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    2606:4700:10::6816:4092 (United States)

ASN13335 (CLOUDFLARENET, US)
j.adlooxtracking.com
5    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    74.125.133.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f156.1e100.net
bid.g.doubleclick.net
1    35.241.31.249 (Mountain View, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.31.241.35.bc.googleusercontent.com
data00.adlooxtracking.com
1    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
15    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
1    35.194.66.159 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com
um.simpli.fi
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    54.195.247.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-247-153.eu-west-1.compute.amazonaws.com
match.360yield.com
ad.360yield.com
1    81.17.55.171 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ssbsync.smartadserver.com
1    35.214.224.130 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 130.224.214.35.bc.googleusercontent.com
csync.loopme.me
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a05:d018:d29:3605:e656:41e3:3e80:bff1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
widget.nl3.eu.criteo.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
sync.teads.tv
criteo-sync.teads.tv
3    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
ad.doubleclick.net
7    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
r.casalemedia.com
ssum.casalemedia.com
1    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
1    2a00:1450:4001:11::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r5---sn-4g5lznez.c.2mdn.net
2    2a00:1450:4001:11::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r3---sn-4g5lznez.c.2mdn.net
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
2    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    52.58.92.77 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-92-77.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    23.36.156.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-156-23.deploy.static.akamaitechnologies.com
contextual.media.net
c21lg-d.media.net
1    185.86.138.146 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    54.155.236.110 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-236-110.eu-west-1.compute.amazonaws.com
visitor.omnitagjs.com
2    52.50.106.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-106-246.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
1    54.93.209.232 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-209-232.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
1    63.35.59.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-59-59.eu-west-1.compute.amazonaws.com
jadserve.postrelease.com
1    64.202.112.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    34.247.98.157 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-98-157.eu-west-1.compute.amazonaws.com
trends.revcontent.com
1    18.196.51.148 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-51-148.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    2600:1f18:612b:4264:daa9:3300:1f77:ca7c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
1    23.35.237.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-75.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    54.194.96.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-96-15.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
1    52.211.88.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-88-8.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    3.141.120.20 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-141-120-20.us-east-2.compute.amazonaws.com
s.thebrighttag.com
1    131.153.158.209 (Amsterdam, Netherlands)

ASN60558 (SECUREDSERVERS-EU, US)
id.a-mx.com
3    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2606:4700:20::681a:467 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    23.218.210.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-210-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2606:4700:e4::ac40:a60b (United States)

ASN13335 (CLOUDFLARENET, US)
adxbid.info
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    192.96.203.13 (None, )

ASN- ()
sync.aralego.com
1    8.2.110.113 (None, )

ASN- ()
as.ck-ie.com
2    209.192.201.180 (None, )

ASN- ()
user-sync.adxpremium.services
1    2a02:6ea0:c700::18 (None, )

ASN- ()
vid.vidoomy.com
1    2a02:6ea0:c700::17 (None, )

ASN- ()
vpaid.vidoomy.com
1    23.35.236.201 (None, )

ASN- ()
ads.pubmatic.com
Apex Domain
Subdomains		 Transfer
40 dmcdn.net
statics.dmcdn.net — Cisco Umbrella Rank: 101556
s1.dmcdn.net — Cisco Umbrella Rank: 11609
s2.dmcdn.net — Cisco Umbrella Rank: 11637
static1.dmcdn.net — Cisco Umbrella Rank: 8624
vendorlist.dmcdn.net — Cisco Umbrella Rank: 13037
1 MB
38 googlesyndication.com
5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
220 KB
37 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
bid.g.doubleclick.net — Cisco Umbrella Rank: 802
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
ad.doubleclick.net — Cisco Umbrella Rank: 154
303 KB
31 gmanetwork.com
www.gmanetwork.com — Cisco Umbrella Rank: 227099
aphrodite.gmanetwork.com — Cisco Umbrella Rank: 234370
images.gmanetwork.com — Cisco Umbrella Rank: 282157
998 KB
25 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
1 MB
19 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
bidder.criteo.com — Cisco Umbrella Rank: 757
dis.criteo.com — Cisco Umbrella Rank: 597
ads.eu.criteo.com — Cisco Umbrella Rank: 10450
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552
widget.nl3.eu.criteo.com — Cisco Umbrella Rank: 23475
45 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
18 KB
13 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 3040
75 KB
12 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
csm.eu.criteo.net — Cisco Umbrella Rank: 10557
113 KB
10 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com — Cisco Umbrella Rank: 447
630 KB
9 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
eus.rubiconproject.com — Cisco Umbrella Rank: 602
token.rubiconproject.com — Cisco Umbrella Rank: 458
17 KB
8 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
gcdn.2mdn.net — Cisco Umbrella Rank: 1173
r5---sn-4g5lznez.c.2mdn.net — Cisco Umbrella Rank: 939721
r3---sn-4g5lznez.c.2mdn.net — Cisco Umbrella Rank: 829505
93 KB
8 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1165
x.bidswitch.net — Cisco Umbrella Rank: 351
2 KB
8 dm-event.net
pebed.dm-event.net — Cisco Umbrella Rank: 9164
3 KB
8 dailymotion.com
geo.dailymotion.com — Cisco Umbrella Rank: 8076
api.dailymotion.com — Cisco Umbrella Rank: 24831
www.dailymotion.com — Cisco Umbrella Rank: 9701
speedtest.dailymotion.com — Cisco Umbrella Rank: 9958
dmxleo.dailymotion.com — Cisco Umbrella Rank: 9093
52 KB
7 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
r.casalemedia.com — Cisco Umbrella Rank: 1699
ssum.casalemedia.com
4 KB
7 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
71 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598
aax.amazon-adsystem.com — Cisco Umbrella Rank: 394
73 KB
6 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1462
sync.teads.tv — Cisco Umbrella Rank: 1403
criteo-sync.teads.tv — Cisco Umbrella Rank: 2580
2 KB
6 media.net
prebid.media.net — Cisco Umbrella Rank: 1335
contextual.media.net — Cisco Umbrella Rank: 691
c21lg-d.media.net
10 KB
5 jixie.io
traid.jixie.io — Cisco Umbrella Rank: 33870
partnerrsc.jixie.io Failed
1 KB
5 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 28573
sync.aralego.com
1 KB
5 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 9542
user-sync.adxpremium.services
8 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
2 KB
5 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1523
mp.4dex.io — Cisco Umbrella Rank: 2070
27 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
104 KB
4 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 823
simage2.pubmatic.com — Cisco Umbrella Rank: 843
ads.pubmatic.com
6 KB
4 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
1 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
1 KB
4 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1656
google-bidout-d.openx.net — Cisco Umbrella Rank: 1665
rtb.openx.net — Cisco Umbrella Rank: 695
914 B
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
24 KB
4 adlooxtracking.com
p.adlooxtracking.com — Cisco Umbrella Rank: 24339
j.adlooxtracking.com — Cisco Umbrella Rank: 13670
data00.adlooxtracking.com — Cisco Umbrella Rank: 11098
31 KB
4 moatads.com
z.moatads.com — Cisco Umbrella Rank: 647
mb.moatads.com — Cisco Umbrella Rank: 744
svastx.moatads.com — Cisco Umbrella Rank: 3235
94 KB
4 jixie.media
scripts.jixie.media — Cisco Umbrella Rank: 34774
107 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
849 B
3 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 5236
ghb1.adtelligent.com — Cisco Umbrella Rank: 7260
ghb2.adtelligent.com — Cisco Umbrella Rank: 9094
1 KB
3 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1638
3 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
806 B
3 adpone.com
rtb.adpone.com — Cisco Umbrella Rank: 20655
2 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1601
a.ad.gt — Cisco Umbrella Rank: 1844
4 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
159 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1245
pixel.quantserve.com — Cisco Umbrella Rank: 964
cms.quantserve.com — Cisco Umbrella Rank: 764
10 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1585
mab.chartbeat.com — Cisco Umbrella Rank: 2550
25 KB
3 andbeyond.media
rtbcdn.andbeyond.media — Cisco Umbrella Rank: 33163
prebid.andbeyond.media — Cisco Umbrella Rank: 30387
rtbpass.andbeyond.media — Cisco Umbrella Rank: 48614
173 KB
2 vidoomy.com
vid.vidoomy.com
vpaid.vidoomy.com
19 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 228
1 KB
2 adform.net
cm.adform.net — Cisco Umbrella Rank: 1267
268 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
279 B
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
208 B
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2249
ad.360yield.com — Cisco Umbrella Rank: 781
397 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928
555 B
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 894
104 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
10 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6862
515 B
2 gmanews.tv
images.gmanews.tv — Cisco Umbrella Rank: 233295
734 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
150 KB
1 ck-ie.com
as.ck-ie.com
484 B
1 adxbid.info
adxbid.info — Cisco Umbrella Rank: 12205
3 KB
1 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 15951
1 KB
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 3513
271 B
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 2536
267 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 758
337 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2884
38 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4925
235 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 3030
398 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
35 B
1 revcontent.com
trends.revcontent.com — Cisco Umbrella Rank: 2528
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 807
145 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1122
423 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1284
879 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 10529
274 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 799
385 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1630
99 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
415 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 54581
609 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
711 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
540 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3451
104 B
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 1421
46 KB
1 geoedge.be
wrappers.geoedge.be — Cisco Umbrella Rank: 21126
3 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491
3 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1779
10 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1155
17 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1212
1 KB
1 apiip.net
rtbdemand.apiip.net — Cisco Umbrella Rank: 28377
431 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1376
201 B
1 gscontxt.net
gma.gscontxt.net — Cisco Umbrella Rank: 402569
488 B
433 90
Domain Requested by
21 aphrodite.gmanetwork.com www.gmanetwork.com
aphrodite.gmanetwork.com
17 pagead2.googlesyndication.com imasdk.googleapis.com
www.gmanetwork.com
5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
www.googletagservices.com
17 tpc.googlesyndication.com www.gmanetwork.com
cdn.ampproject.org
5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
tpc.googlesyndication.com
imasdk.googleapis.com
securepubads.g.doubleclick.net
16 static1.dmcdn.net geo.dailymotion.com
www.gmanetwork.com
15 cm.g.doubleclick.net 5 redirects www.gmanetwork.com
5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
googleads.g.doubleclick.net
15 securepubads.g.doubleclick.net www.gmanetwork.com
www.googletagservices.com
securepubads.g.doubleclick.net
5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
13 ib.adnxs.com 2 redirects rtbpass.andbeyond.media
googleads.g.doubleclick.net
11 www.gstatic.com www.google.com
static1.dmcdn.net
www.gstatic.com
11 www.google.com www.gmanetwork.com
www.gstatic.com
www.google.com
5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
tpc.googlesyndication.com
10 s2.dmcdn.net www.gmanetwork.com
10 static.criteo.net securepubads.g.doubleclick.net
rtbpass.andbeyond.media
static.criteo.net
ads.eu.criteo.com
9 s1.dmcdn.net www.gmanetwork.com
9 fonts.gstatic.com fonts.googleapis.com
8 pebed.dm-event.net geo.dailymotion.com
static1.dmcdn.net
7 gum.criteo.com 5 redirects static.criteo.net
7 www.gmanetwork.com 1 redirects www.gmanetwork.com
6 grid.bidswitch.net rtbpass.andbeyond.media
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 csi.gstatic.com imasdk.googleapis.com
5 traid.jixie.io scripts.jixie.media
5 imasdk.googleapis.com geo.dailymotion.com
static1.dmcdn.net
imasdk.googleapis.com
5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
5 ap.lijit.com rtbpass.andbeyond.media
adxbid.info
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 id5-sync.com cdn.id5-sync.com
ads.eu.criteo.com
rtbpass.andbeyond.media
5 fonts.googleapis.com www.gmanetwork.com
aphrodite.gmanetwork.com
securepubads.g.doubleclick.net
5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
4 s0.2mdn.net imasdk.googleapis.com
www.gmanetwork.com
s0.2mdn.net
4 onetag-sys.com rtbpass.andbeyond.media
4 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 scripts.jixie.media www.gmanetwork.com
scripts.jixie.media
3 match.adsrvr.org rtbpass.andbeyond.media
scripts.jixie.media
3 ad.doubleclick.net www.gmanetwork.com
imasdk.googleapis.com
3 pixel.rubiconproject.com 1 redirects ads.eu.criteo.com
adxbid.info
3 dis.criteo.com 1 redirects
3 hb.aralego.com rtbpass.andbeyond.media
3 rtb.adxpremium.services rtbpass.andbeyond.media
3 bidder.criteo.com rtbpass.andbeyond.media
3 fastlane.rubiconproject.com rtbpass.andbeyond.media
3 mp.4dex.io rtbpass.andbeyond.media
3 a.teads.tv rtbpass.andbeyond.media
3 ads.betweendigital.com rtbpass.andbeyond.media
3 prebid.a-mo.net rtbpass.andbeyond.media
3 rtb.adpone.com rtbpass.andbeyond.media
3 prebid.media.net rtbpass.andbeyond.media
3 aax.amazon-adsystem.com c.amazon-adsystem.com
3 geo.dailymotion.com statics.dmcdn.net
geo.dailymotion.com
3 c.amazon-adsystem.com rtbcdn.andbeyond.media
c.amazon-adsystem.com
3 www.googletagservices.com rtbcdn.andbeyond.media
5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
3 statics.dmcdn.net www.gmanetwork.com
statics.dmcdn.net
3 images.gmanetwork.com www.gmanetwork.com
2 user-sync.adxpremium.services adxbid.info
2 sync.aralego.com 1 redirects cdn.aralego.net
2 eus.rubiconproject.com rtbpass.andbeyond.media
eus.rubiconproject.com
2 dpm.demdex.net 1 redirects
2 cm.adform.net ads.eu.criteo.com
adxbid.info
2 ups.analytics.yahoo.com ads.eu.criteo.com
2 eb2.3lift.com ads.eu.criteo.com
adxbid.info
2 contextual.media.net ads.eu.criteo.com
rtbpass.andbeyond.media
2 x.bidswitch.net ads.eu.criteo.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 cat.nl3.eu.criteo.com 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
ads.eu.criteo.com
2 r3---sn-4g5lznez.c.2mdn.net www.gmanetwork.com
2 sync.teads.tv 1 redirects 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
2 image6.pubmatic.com 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
ads.pubmatic.com
2 pr-bh.ybp.yahoo.com 2 redirects
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
rtbpass.andbeyond.media
2 vendorlist.dmcdn.net static1.dmcdn.net
2 i.clean.gg cadmus.script.ac
2 script.4dex.io rtbpass.andbeyond.media
script.4dex.io
2 mug.criteo.com www.gmanetwork.com
2 oajs.openx.net 1 redirects www.gmanetwork.com
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 id.hadron.ad.gt cdn.hadronid.net
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
2 cdn.id5-sync.com www.gmanetwork.com
securepubads.g.doubleclick.net
2 tags.crwdcntrl.net www.gmanetwork.com
securepubads.g.doubleclick.net
2 www.google.de www.gmanetwork.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 region1.analytics.google.com www.googletagmanager.com
2 api.dailymotion.com statics.dmcdn.net
2 images.gmanews.tv www.gmanetwork.com
aphrodite.gmanetwork.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 p.adlooxtracking.com rtbcdn.andbeyond.media
p.adlooxtracking.com
2 cdnjs.cloudflare.com www.gmanetwork.com
2 z.moatads.com www.gmanetwork.com
z.moatads.com
2 www.googletagmanager.com www.gmanetwork.com
www.googletagmanager.com
2 static.chartbeat.com www.gmanetwork.com
1 ads.pubmatic.com adxbid.info
1 vpaid.vidoomy.com vid.vidoomy.com
1 ssum.casalemedia.com 1 redirects
1 vid.vidoomy.com adxbid.info
1 c21lg-d.media.net contextual.media.net
1 as.ck-ie.com 1 redirects
1 token.rubiconproject.com eus.rubiconproject.com
1 adxbid.info rtbpass.andbeyond.media
1 cdn.aralego.net rtbpass.andbeyond.media
1 id.a-mx.com rtbpass.andbeyond.media
1 s.thebrighttag.com
1 beacon.krxd.net
1 sync-criteo.ads.yieldmo.com ads.eu.criteo.com
1 ad.yieldlab.net ads.eu.criteo.com
1 criteo-partners.tremorhub.com ads.eu.criteo.com
1 match.sharethrough.com ads.eu.criteo.com
1 trends.revcontent.com ads.eu.criteo.com
1 simage2.pubmatic.com ads.eu.criteo.com
1 sync.outbrain.com ads.eu.criteo.com
1 jadserve.postrelease.com ads.eu.criteo.com
1 exchange.mediavine.com ads.eu.criteo.com
1 matching.ivitrack.com ads.eu.criteo.com
1 ad.360yield.com ads.eu.criteo.com
1 r.casalemedia.com ads.eu.criteo.com
1 visitor.omnitagjs.com ads.eu.criteo.com
1 criteo-sync.teads.tv ads.eu.criteo.com
1 sync-t1.taboola.com ads.eu.criteo.com
1 rtb-csync.smartadserver.com ads.eu.criteo.com
1 widget.nl3.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com cdn.jsdelivr.net
1 r5---sn-4g5lznez.c.2mdn.net 1 redirects
1 gcdn.2mdn.net 1 redirects
1 rtb.openx.net 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
1 cms.quantserve.com 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
1 googleads.g.doubleclick.net 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
1 svastx.moatads.com imasdk.googleapis.com
1 csync.loopme.me 1 redirects
1 ssbsync.smartadserver.com 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
1 match.360yield.com 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
1 gcm.ctnsnet.com 1 redirects
1 um.simpli.fi 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 dclk-match.dotomi.com 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
1 data00.adlooxtracking.com j.adlooxtracking.com
1 bid.g.doubleclick.net imasdk.googleapis.com
1 j.adlooxtracking.com rtbcdn.andbeyond.media
1 dmxleo.dailymotion.com static1.dmcdn.net
1 speedtest.dailymotion.com static1.dmcdn.net
1 ghb2.adtelligent.com rtbpass.andbeyond.media
1 www.dailymotion.com geo.dailymotion.com
1 cadmus.script.ac script.4dex.io
1 google-bidout-d.openx.net oa.openxcdn.net
1 ghb1.adtelligent.com rtbpass.andbeyond.media
1 ghb.adtelligent.com rtbpass.andbeyond.media
1 wrappers.geoedge.be rtbpass.andbeyond.media
1 a.ad.gt cdn.hadronid.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 cdn.hadronid.net www.gmanetwork.com
1 secure.cdn.fastclick.net www.gmanetwork.com
1 pixel.quantserve.com www.gmanetwork.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 rules.quantcount.com secure.quantserve.com
1 mab.chartbeat.com static.chartbeat.com
1 rtbpass.andbeyond.media rtbcdn.andbeyond.media
1 prebid.andbeyond.media rtbcdn.andbeyond.media
1 rtbdemand.apiip.net rtbcdn.andbeyond.media
1 ping.chartbeat.net www.gmanetwork.com
1 secure.quantserve.com aphrodite.gmanetwork.com
1 gma.gscontxt.net www.gmanetwork.com
1 mb.moatads.com z.moatads.com
1 rtbcdn.andbeyond.media www.gmanetwork.com
0 partnerrsc.jixie.io Failed scripts.jixie.media
433 159

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
instagram.com
youtube.com
careers.gmanetwork.com
Subject Issuer Validity Valid
*.gmanetwork.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-02 -
2024-06-10		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.jixie.media
Sectigo RSA Organization Validation Secure Server CA		 2023-09-15 -
2024-08-18		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
andbeyond.media
Certainly Intermediate R1		 2023-11-20 -
2023-12-20		 a month crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-06-20 -
2024-07-20		 a year crt.sh
*.gscontxt.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-08 -
2023-12-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.dmcdn.net
ZeroSSL RSA Domain Secure Site CA		 2023-11-12 -
2024-02-10		 3 months crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.andbeyond.media
Starfield Secure Certificate Authority - G2		 2023-02-14 -
2024-03-17		 a year crt.sh
p.adlooxtracking.com
GTS CA 1D4		 2023-11-13 -
2024-02-11		 3 months crt.sh
*.gmanews.tv
Amazon RSA 2048 M01		 2023-04-27 -
2024-05-25		 a year crt.sh
*.dailymotion.com
ZeroSSL RSA Domain Secure Site CA		 2023-09-24 -
2023-12-23		 3 months crt.sh
www.dailymotion.com
ZeroSSL ECC Domain Secure Site CA		 2023-09-24 -
2023-12-23		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-10-05 -
2024-01-03		 3 months crt.sh
*.dm-event.net
ZeroSSL RSA Domain Secure Site CA		 2023-10-17 -
2024-01-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
api.dmcdn.net
R3		 2023-10-23 -
2024-01-21		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-08-12 -
2024-09-09		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-13 -
2024-02-13		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-09-29 -
2023-12-28		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-08-05		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-09 -
2024-12-09		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-10-02 -
2023-12-31		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
script.ac
E1		 2023-10-31 -
2024-01-29		 3 months crt.sh
ghb2.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-10-02 -
2023-12-31		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2023-11-14 -
2024-02-12		 3 months crt.sh
speedtest.dailymotion.com
ZeroSSL ECC Domain Secure Site CA		 2023-10-12 -
2024-01-10		 3 months crt.sh
*.jixie.io
Sectigo RSA Organization Validation Secure Server CA		 2023-05-14 -
2024-06-13		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
dmxleo.dailymotion.com
ZeroSSL RSA Domain Secure Site CA		 2023-10-27 -
2024-01-25		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
adlooxtracking.com
GTS CA 1P5		 2023-09-29 -
2023-12-28		 3 months crt.sh
*.adlooxtracking.com
R3		 2023-10-03 -
2024-01-01		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-11-14 -
2024-01-23		 2 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2023-12-23		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-30 -
2023-12-25		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-17 -
2024-01-18		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
itm.ivitrack.com
R3		 2023-10-15 -
2024-01-13		 3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M02		 2023-06-06 -
2024-07-04		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M01		 2023-02-09 -
2024-02-16		 a year crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2022-11-06 -
2023-11-28		 a year crt.sh
revcontent.com
Amazon RSA 2048 M02		 2023-05-18 -
2024-06-16		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-17 -
2024-09-17		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
id.a-mx.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-12 -
2024-11-10		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
adxbid.info
E1		 2023-10-07 -
2024-01-05		 3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-10-06		 a year crt.sh

This page contains 39 frames:

Primary Page: https://www.gmanetwork.com/
Frame ID: 64B4692607F269ECE48F5495C74E3DD4
Requests: 217 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 08E4CDB7A48B27B60571421A715D1209
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeMXBkUAAAAADrrrFfGFPpuiQ8fmumFUu-Ndq6o&co=aHR0cHM6Ly93d3cuZ21hbmV0d29yay5jb206NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=k8lbwr9v66gi
Frame ID: 84B117DF57F4FFB9DFE0EA70262439AD
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeMXBkUAAAAADrrrFfGFPpuiQ8fmumFUu-Ndq6o&co=aHR0cHM6Ly93d3cuZ21hbmV0d29yay5jb206NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=967n7sla8kku
Frame ID: 29E70580F9157DDCB17B8C9BE972239C
Requests: 4 HTTP requests in this frame

Frame: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 52D5BED5E8E4D745CB5E123BEF67A100
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.gmanetwork.com
Frame ID: F0CCD579663AE23C43CCA5D12F944CDD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LeMXBkUAAAAADrrrFfGFPpuiQ8fmumFUu-Ndq6o
Frame ID: 2EB16EE4B54EE8E1537C527B8D5410DA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LeMXBkUAAAAADrrrFfGFPpuiQ8fmumFUu-Ndq6o
Frame ID: 17F96A974B6B3D418CA1931E224E57A9
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 6EFEABBE2F2A9AEC674546FE8B04D380
Requests: 17 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 43D01BADDD3F935A68BC0F1B1EF3D8AB
Requests: 1 HTTP requests in this frame

Frame: https://geo.dailymotion.com/player/x3d09.html?video=x8puf01&customConfig[customParams]=dm_position%3Dmainrecowidget&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Frame ID: 9F293940FF9B7EC9BECF4281234B67F1
Requests: 30 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 41DA8153558FCC1BEE0881229D3485C1
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: 618063BD729F158F08864F969F6468C4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4008D865F07E2C320AB6E02625F5A2C4
Requests: 1 HTTP requests in this frame

Frame: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 04EB18EE7DF40F70A12799391935387A
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4EB7CE1E3B27AA8712B97D0CC9A0DBAD
Requests: 9 HTTP requests in this frame

Frame: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6A20F8431E570904B2281E5C8BA83E1F
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYj6nd_QEwAQ&v=APEucNU78gV3zg_3MVfIo7ZFn95bxDknNKWQfT2zfrKbTOMh6CbWPvZ_JYvdw2x2IVmjRMqzZt1sije8UAip6UZ0LToiLla5cmuM7I_NonDqViBlbNm7OYwJ0dz7p3VMIAkSlOiJ707DlFsRDXRdvhHjMGKCRYQRFO0H5ys-WSBFIKrWvGlJ63Q
Frame ID: 764598995917BF5921A54CC657202C8C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D4FB16F7915656ACA9FA693F5A69E484
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4D1C2A6D015962414118D87343F257DA
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6011597790579686621/index.html?ev=01_250
Frame ID: 6B3641B27685D3B08075A49B94E26743
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 1EAA4E4F07B8ECF20F17B49CBB6562CB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7747CCE735F49B9552F3C0878C7CB168
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 13886FFA325293D501F4071231E94CCD
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gmanetwork.com
Frame ID: 03786D1F3CBDD0431E0C52AC5182DA6F
Requests: 2 HTTP requests in this frame

Frame: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FA9C463CDE6DE78218676B2FEFF1818F
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Frame ID: 8805CEE07E3657499BA5C52D5E7F62C7
Requests: 11 HTTP requests in this frame

Frame: https://cat.nl3.eu.criteo.com/tpd?dd=rPV_HF9jS0dlRjF4akFEMUtHYVlOc293RXJQbmliWkNUNGU5Z2NoeG5lNkd0dndJN2RpYjZtb05xMHZDc2FwTmgySmZXb0dQeTJIMXVsNm80ZEozWjFDVkVhR3QlMkJoQjVrNkFNUFNNYk0lMkJlakdPcyUyRndxRkhQSTdmcUJiUGd4SDN6Nld6YUNnMlFXMFpISnhhSmZzWFglMkJzT2p5NExEbjNqelZBM2VtNjlXeEh4MVczTmYxSVhUcmgwNTNJM0lsamY3bnpFYXMlMkZCRU9yRDUydHQlMkY2R2NZcm52MFlac2RlaVd2UVBybjVwYjBrR1dzekRIdmRwMVBKM0NKN0xEU1V4d2N5aXNCMm83NCUyQkpNeSUyRkRKR040Q2lGbXlBcVJKNUh0clB3S0hZRSUyQjM2SEklMkJMekNpZm1jZGZPQSUyRjZmZTVpVnZqWkdjbGV3eiUyQmxldGkzZSUyRkxhY0MxcCUyRmFHNGwyUVR0eGtZZHNRTGg2dllXb3hRcTJBNmMzaHpDc3ElMkYxckF0SSUyRk8lMkJORWZFUW0yeEt4dXR4TFF6eGNwMFo0S2NnSkVsRUF0OUl2bnpWQm1KZkolMkJxZXZBJTNE
Frame ID: 0822B6782C553ECF2E9233756F83E96F
Requests: 1 HTTP requests in this frame

Frame: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=186190&cb=655f6bae82e6cbb100467eaf0f26d8be&r=https%3a%2f%2f5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com%2f&crossorigin=false
Frame ID: 5A6146F4E971E305A589EBB49CF54A42
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-gj2KscyNEPrsLnsI-fhaS2wBwXt5Zb-1KSth2g&google_gid=CAESEOs9l9fRfItlQ6pnuYRmiFc&google_cver=1&google_ula=913071,0
Frame ID: 94FE9731FBC208E15E41DAEB0B4AFB92
Requests: 30 HTTP requests in this frame

Frame: https://partnerrsc.jixie.io/pbs/jx-load-cookie.html?accountid=${accountId}
Frame ID: 820C306F79F4B9E83CFBF9E398FAD29E
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: 3F8CE8DF1A00BD28B0228704BAF99012
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 1336A714FFBD19D1C11C3C84DBE23B1F
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D13A823D5146E13D791CF854736E24C6
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700752298617
Frame ID: 21C5C6E2FCB63DF39148273C2DAFAA56
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13413210
Frame ID: 70796FE19F2BBC394FF25A837B72D6A2
Requests: 1 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: F63E9379E1FB89D13D6CA1267C6B8B39
Requests: 7 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Frame ID: 8EF06E32186F794B82906AD32190708B
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 17862197A705D81172B6375FF3126B2A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GMA Network | News and Entertainment

Page URL History Show full URLs

  1. http://www.gmanetwork.com/ HTTP 301
    https://www.gmanetwork.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

433
Requests

94 %
HTTPS

39 %
IPv6

90
Domains

159
Subdomains

137
IPs

12
Countries

6905 kB
Transfer

17333 kB
Size

70
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.gmanetwork.com/ HTTP 301
    https://www.gmanetwork.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 110
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.gmanetwork.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.gmanetwork.com%2F&rid=esp&cc=1
Request Chain 133
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=gmanetwork.com&sn=ChromeSyncframe&so=0&topUrl=www.gmanetwork.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=ExR-cXxEYmNpeDY4R1p6Q1pPVElPSDR0V3AvK2YvaVJxcWJROWY2VEdZS29KRjY3dmN1dnY3TUExMHdvTW12L1lmTkJIeGxsWm5LWU1DMXV3MSsvU1ZFNjI0Z3REY3h0QmY1Zjg2cUJVRHo0eG1pRlRXTWVMWUl3ZHNwSXVjamk2RjhFVzNyTE5nUDJXYzNTSUUxakh5WFZFaWtNamFBaE5YL0l5eFgvTTlhT0VXc3J2SVJnaG1zN3FMMXpJUFJGdUZBRjB1TG51U25aL0paM2xzclJNMTRNam1IMGNpRWZMSHVXZyt1OWgyR3NkMmlkaFVZT1ZjYjB5MWowc1hRS1FHMGM0NFIreWUvUE5tcUhjOStnMjAxdFVmbmtzczJTVFNYY0d4ZWFadUs3QUJQWT18&cppv=2
Request Chain 285
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJuYH84M4GTWttoIXU6Z-IM&google_cver=1&google_push=AXcoOmSmSQnJTK-TTaJcgoMUYaKUj8_1do3HQ8s2e5GWI50DJvRQ9e8D3Di4_TtLSCnpYsAINsQbseKgQcy-6a4JLhu8oP1w99k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJuYH84M4GTWttoIXU6Z-IM&google_push=AXcoOmSmSQnJTK-TTaJcgoMUYaKUj8_1do3HQ8s2e5GWI50DJvRQ9e8D3Di4_TtLSCnpYsAINsQbseKgQcy-6a4JLhu8oP1w99k
Request Chain 286
  • https://um.simpli.fi/gp_match?google_gid=CAESEGhKiX_rfZQQZGjNifelHsM&google_cver=1&google_push=AXcoOmQuPPWBy5tXR_fsnAgtxGHXs9rVj2kneu0d_Lov4jD0PAxievin1P6V5NcXTAHWZXTss_o7SOJd3-Zy1pvTFg0gAuyFT2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9BF159EC8C7341D4B578945DD281E208&google_push=AXcoOmQuPPWBy5tXR_fsnAgtxGHXs9rVj2kneu0d_Lov4jD0PAxievin1P6V5NcXTAHWZXTss_o7SOJd3-Zy1pvTFg0gAuyFT2g
Request Chain 287
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBGDV1zK7AgNa9g5CdnmUEk&google_cver=1&google_push=AXcoOmSJv7jvNBwKCFojI26XzIxA43Pn08ByOU6bb5EyUQ2bAanooFs5ahbGYSj7vNrrBkU4OyeE4Lpj1Y8-G5gFZz4GBf-R5VH8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSJv7jvNBwKCFojI26XzIxA43Pn08ByOU6bb5EyUQ2bAanooFs5ahbGYSj7vNrrBkU4OyeE4Lpj1Y8-G5gFZz4GBf-R5VH8&google_hm=0ZH-5f3hTPeOXfFH_KnsXEs
Request Chain 290
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESECmX4PXua6JhjmgAUq5IONI&google_cver=1&google_push=AXcoOmTbr8ZZCN1Ln6uef1BF4Up9ptanoUbrNAYxFSXKhUY4tIMUaQZ2LmQj5Iy6BTvgc08E05JBAAtnRjubT9chRsnzVqRZ0MAp HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=5e8c48e5-324c-47d3-8c10-88d899b34086&google_cver=1&google_gid=CAESECmX4PXua6JhjmgAUq5IONI&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTbr8ZZCN1Ln6uef1BF4Up9ptanoUbrNAYxFSXKhUY4tIMUaQZ2LmQj5Iy6BTvgc08E05JBAAtnRjubT9chRsnzVqRZ0MAp&gdpr=${GDPR}
Request Chain 312
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDVjhlcmYxcJWP3P0kAz-zQ&google_cver=1&google_push=AXcoOmQJ3VuRBB5Uxu_vCkosX9tkPD74bATNJ_o89UK2cSdXUq9wQZDB7zX2ifsfuHzLntly96fsUZMbxCUEppW7yNUcuT-S4M1M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQJ3VuRBB5Uxu_vCkosX9tkPD74bATNJ_o89UK2cSdXUq9wQZDB7zX2ifsfuHzLntly96fsUZMbxCUEppW7yNUcuT-S4M1M&google_hm=eS1xWjZzQWwxRTJwRmZST0dKdHVtZGJmSW5GSnY5RFhLdX5B
Request Chain 313
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT-sBbeltX98wR8n5IQqL3xi6_ZL2nGK05RDZH9oFsm82oOHDhl4s2kUMPnJSG8J6LLNr8i4qMlt78FYzCU_w-z0XvzEK-h&google_gid=CAESEOs9l9fRfItlQ6pnuYRmiFc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-gj2KscyNEPrsLnsI-fhaS2wBwXt5Zb-1KSth2g&google_push=AXcoOmT-sBbeltX98wR8n5IQqL3xi6_ZL2nGK05RDZH9oFsm82oOHDhl4s2kUMPnJSG8J6LLNr8i4qMlt78FYzCU_w-z0XvzEK-h
Request Chain 316
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG45iIlvzpQFTgO_xpZdO04&google_cver=1&google_push=AXcoOmQZCww8Oox21C-p_qXoEfVBCO4AZMvb0oE7FnwjRv7FR57hG4MTcHT9djV8Hyyi6-RUQHIYZSrqGo7c0umL1z4d3P-3nhRS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBCQzA4SEMtMVQtRjBVOA==&google_push=AXcoOmQZCww8Oox21C-p_qXoEfVBCO4AZMvb0oE7FnwjRv7FR57hG4MTcHT9djV8Hyyi6-RUQHIYZSrqGo7c0umL1z4d3P-3nhRS
Request Chain 317
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPitdkTaAR0Pgi4bZu53gY4&google_cver=1&google_push=AXcoOmS0ZZi9aVr1Hmc_W3bidLHjd7yCzlERsO5P3WUoNRxd3RG0fJ7WASYJzupDDyom2zqHkbB0ZevgD1FtNPVyLm3SHcSwTymI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmS0ZZi9aVr1Hmc_W3bidLHjd7yCzlERsO5P3WUoNRxd3RG0fJ7WASYJzupDDyom2zqHkbB0ZevgD1FtNPVyLm3SHcSwTymI HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 321
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHIcqtjVmYdwdl13qmz019Y&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHIcqtjVmYdwdl13qmz019Y&google_cver=1&C=1
Request Chain 322
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV9rrGIUNkZJLd0s5LYUhQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHIcqtjVmYdwdl13qmz019Y&google_cver=1
Request Chain 323
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMrupey1Y6kU_thq6QSMvU0&google_cver=1
Request Chain 324
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA5NTMwNzA3NDU4NTI3MDYyNw%3D%3D
Request Chain 331
  • https://gcdn.2mdn.net/videoplayback/id/a8e44b2ad166d4fe/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3844999464/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/5D014034C20072B1EA263C54C3C87337FB38A2D8.8D9B8222F386AA97B473EDB6D643EB18CA7B9A8E/key/ck2/file/file.mp4 HTTP 302
  • https://r5---sn-4g5lznez.c.2mdn.net/videoplayback/id/a8e44b2ad166d4fe/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3844999464/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/305D38108F8566BBD69DB9F6D164C4A972B58C3D.591C4FFE09F9A00550A97B210A36A768186FA839/key/cms1/cms_redirect/yes/mh/cA/mip/2001:ac8:20:3a00:1012:57e0:9325:a4a4/mm/42/mn/sn-4g5lznez/ms/onc/mt/1700751425/mv/m/mvi/5/pl/50/file/file.mp4 HTTP 302
  • https://r3---sn-4g5lznez.c.2mdn.net/videoplayback/id/a8e44b2ad166d4fe/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3844999464/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/305D38108F8566BBD69DB9F6D164C4A972B58C3D.591C4FFE09F9A00550A97B210A36A768186FA839/key/cms1/cms_redirect/yes/mh/cA/mip/2001:ac8:20:3a00:1012:57e0:9325:a4a4/mm/42/mn/sn-4g5lznez/ms/onc/mt/1700751425/mv/m/mvi/5/pl/50/ir/1/rr/46/file/file.mp4
Request Chain 347
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gmanetwork.com&sn=ChromeSyncframe&so=3&topUrl=www.gmanetwork.com&bundle=AcNcvF9XSFdLOUZLRUIzOGZuODJadm5PcWV6aUJLWTNia1liSCUyRnY1NTJpZ2F6dk9pTVZubjVmZGo5b1c2OXg5QUhFaSUyRllWcUVhTTRBQUp4JTJGU2tOa2FvSUVDYVVyZ2N5bG80TUVtMXk2ZjFBZkhOc283ejFVeXBCZExOYWNzSFVhWjZCTkFGZUdNZGJQRmR4QWxJa0RFeTgzWUElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=V6g9e3w4NGNXaWFySDI5eTNnMG96QjdzbTFvcEI2VHVEOWp2VkRaZGdzbkJTdXFaZ092K0FRdHBKVFhpTU9OOEtNa2ZvRHpkYjVpRWxGRVh4L1VBNkgyNGI3NDhabmxZZDlrSnBoZDJPT3ZyS2VFTHpwNDZkYTBiSkgxbUNpMVh2OGsxTG85cTJ6NFJlZTZLSk9Hd3RHT3YrREd2ZnBOK0tnTHRXR1pZWjlJWWN5Nm1EUDJkWWxZR2VBbGhpMHVIcWxob1d6RkQydE05VjNCVzRNaktQSTFMUDRDUkFNaFdkN0JPK2hxbEo2aDdmY0RYNWduNWJPNENXTmZLSWt6RHgvNUJ6d1M4enY2Qk02MjRNVG9ZWFpvR2lKeFJMblM5UkYvaEsyTU1PZTM0VnEzVT18&cppv=2
Request Chain 369
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-gj2KscyNEPrsLnsI-fhaS2wBwXt5Zb-1KSth2g&google_cm&google_hm=ay1najJLc2N5TkVQcnNMbnNJLWZoYVMyd0J3WHQ1WmItMUtTdGgyZw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-gj2KscyNEPrsLnsI-fhaS2wBwXt5Zb-1KSth2g&google_gid=CAESEOs9l9fRfItlQ6pnuYRmiFc&google_cver=1&google_ula=913071,0
Request Chain 371
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1095307074585270627
Request Chain 382
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=EbTBdsfXdBLVV49AL1NN3ff9OQt0Vtj0 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=EbTBdsfXdBLVV49AL1NN3ff9OQt0Vtj0
Request Chain 398
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=GFJHGUzArl-zZ09fNlafDz6oJENj4QHX
Request Chain 399
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Xv5zx3oly7UiXn7p-QT6ehIiMH-wI_wU
Request Chain 422
  • https://sync.aralego.com/idsync HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/dedbe993-e634-3146-9279-7e7d813fb7ae?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-0RtpC11E2oU4RvnBPB.RAwGw8fFn0RTjIfArUbs-~A&redirect=
Request Chain 424
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=726f720961fad54b8b85202f122aeaab9bd9b25e72901b939894d18e01d11f8d
Request Chain 431
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZV9rrGIUNkZJLd0s5LYUhQAA%265156

433 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.gmanetwork.com/
Redirect Chain
  • http://www.gmanetwork.com/
  • https://www.gmanetwork.com/
510 KB
131 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7c00:d:a120:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
eqmod_httpd v1.0 (author: mon sarmiento) /
Resource Hash
7b7d39175695b4e40a3e354284f63bbf7e68b38b00d390b56e921799dcc972f8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, X-Requested-With
access-control-allow-methods
POST, OPTIONS, GET, PUT
access-control-allow-origin
www.gmanetwork.com
access-control-max-age
1
age
866
cache-control
max-age=120, public
content-encoding
gzip
content-length
133433
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 14:57:10 GMT
etag
"1700780230"
p3p
CP="NON DSP LAW CUR ADM DEV TAI PSA PSD HIS OUR DEL IND UNI PUR COM NAV INT DEM CNT STA POL HEA PRE LOC IVD SAM IVA OTC"
server
eqmod_httpd v1.0 (author: mon sarmiento)
vary
Accept-Encoding
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-amz-cf-id
c0fqIyPq9zpfGzE2FUXUdmEzl6xCmJYGq5kcNJ7UZuu1-liLtshHqg==
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
x-elapsed-time
366312 microseconds

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Thu, 23 Nov 2023 15:11:36 GMT
Location
https://www.gmanetwork.com/
Server
CloudFront
Via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
X-Amz-Cf-Id
kLBeSQLya7YmRH8sStcQ8ZRuhe4TYCRQnLRADqsjn_FT2eR2TKwMig==
X-Amz-Cf-Pop
FRA56-P4
X-Cache
Redirect from cloudfront
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
659fb269caef27fb6c733c44505593fb6f6279d3a0ae5efd6a581b07432cef10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30810
x-xss-protection
0
server
cafe
etag
692 / 19684 / 31079745 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 15:11:36 GMT
jx-GM29180G0dns.min.js
scripts.jixie.media/onescript/GM180iIHc4/ 		196 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.jixie.media/onescript/GM180iIHc4/jx-GM29180G0dns.min.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.91.74.174 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
ece028cb789206aad16cd8850d3710df9d6bc7921fd4ec3db36da52d206844b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

nginx-hit
1
date
Thu, 23 Nov 2023 15:11:38 GMT
x-amz-version-id
TDt0mUuWqW7YDK3p52J0OxgfAn7RZuJc
via
LA-MEX-queretaro-EDGE1-CACHE3[5],LA-MEX-queretaro-EDGE1-CACHE4[0,TCP_HIT,2],LA-MEX-mexicocity-GLOBAL1-CACHE18[530],LA-MEX-mexicocity-GLOBAL1-CACHE30[280,TCP_MISS,528],EA-SGP-GLOBAL1-CACHE19[4],EA-SGP-GLOBAL1-CACHE29[0,TCP_HIT,1]
x-ccdn-cachettl
2592000
content-encoding
gzip
x-amz-request-id
427JNB0CD6X54Y1Z
age
5491920
x-amz-server-side-encryption
AES256
x-amz-id-2
YDGgQ9ksmdUue6XSQSxvHZuvlTsyR4jRgdaXVrQ5AeRozPA7cuyZdzeHeeJCAJie8ORpHD2HPoA=
last-modified
Thu, 21 Sep 2023 01:38:51 GMT
server
openresty
etag
W/"03b574633b5ea1c954ecbf04bc6cd534"
x-amz-meta-x-amz-meta-updatedat
2023-09-21T01:38:50Z
x-amz-meta-x-amz-meta-createdat
2022-11-10T03:53:21Z
access-control-max-age
86400
content-type
text/plain
access-control-allow-origin
*
x-ccdn-expires
2284618
x-hcs-proxy-type
1
jxpublisher_3_1.min.js
scripts.jixie.media/ 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.jixie.media/jxpublisher_3_1.min.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.91.74.174 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
36024d3bf555aee369a2f13d45543654b0c0bd75e556bfb8267da71b2d3eedf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

nginx-hit
1
date
Thu, 23 Nov 2023 15:11:38 GMT
x-amz-version-id
l0Eqd7RJL.CtggfdOkOolHJW4tsFpLPq
via
LA-MEX-queretaro-EDGE1-CACHE3[2],LA-MEX-queretaro-EDGE1-CACHE6[0,TCP_HIT,0],LA-MEX-mexicocity-GLOBAL1-CACHE18[646],LA-MEX-mexicocity-GLOBAL1-CACHE30[282,TCP_MISS,645],EA-SGP-GLOBAL1-CACHE12[35],EA-SGP-GLOBAL1-CACHE29[30,TCP_MISS,34]
x-ccdn-cachettl
2592000
content-encoding
gzip
x-amz-request-id
448JPGSQPJH7DHDK
age
303834
x-amz-server-side-encryption
AES256
x-amz-id-2
o7irbGOyUKAchLL/jwyeEz5Ft6619WsAt6AngAfwfNNeAinKzBKc667Qu/aAmMmq7Ku4vruej+M=
last-modified
Mon, 20 Nov 2023 02:47:41 GMT
server
openresty
etag
W/"34ff5708782ad8ebc2d829b315caf00f"
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
x-ccdn-expires
2464758
x-hcs-proxy-type
1
btstrap.css
www.gmanetwork.com/res/portal_revamp/css/dist/ 		108 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gmanetwork.com/res/portal_revamp/css/dist/btstrap.css
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7c00:d:a120:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
eqmod_httpd v1.0 (author: mon sarmiento) /
Resource Hash
932470ea29d7b4b6f4440a502d623ee306108bf3604d0d020f49e496c2e3e4ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:04:29 GMT
content-encoding
gzip
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
426
x-cache
Hit from cloudfront
p3p
CP="NON DSP LAW CUR ADM DEV TAI PSA PSD HIS OUR DEL IND UNI PUR COM NAV INT DEM CNT STA POL HEA PRE LOC IVD SAM IVA OTC"
content-length
18351
last-modified
Thu, 10 Oct 2019 12:33:38 GMT
server
eqmod_httpd v1.0 (author: mon sarmiento)
etag
"1700780669"
access-control-max-age
1
access-control-allow-methods
POST, OPTIONS, GET, PUT
content-type
text/css
access-control-allow-origin
www.gmanetwork.com
cache-control
max-age=1209600, public
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Authorization, X-Requested-With
x-amz-cf-id
-lEAmLP_GkL_ceIdkLIqDRvduZZSTf38E5wav3EOB9R-dan_pI8ojg==
x-elapsed-time
9863 microseconds
portal.css
www.gmanetwork.com/res/portal_revamp/css/dist/ 		34 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gmanetwork.com/res/portal_revamp/css/dist/portal.css
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7c00:d:a120:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
eqmod_httpd v1.0 (author: mon sarmiento) /
Resource Hash
3b2be61a83e01c43ccf834973e765254111cb35051088b45c3ae9080db7cf44a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:04:30 GMT
content-encoding
gzip
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
426
x-cache
Hit from cloudfront
p3p
CP="NON DSP LAW CUR ADM DEV TAI PSA PSD HIS OUR DEL IND UNI PUR COM NAV INT DEM CNT STA POL HEA PRE LOC IVD SAM IVA OTC"
content-length
6034
last-modified
Tue, 19 Sep 2023 06:05:56 GMT
server
eqmod_httpd v1.0 (author: mon sarmiento)
etag
"1700780670"
access-control-max-age
1
access-control-allow-methods
POST, OPTIONS, GET, PUT
content-type
text/css
access-control-allow-origin
www.gmanetwork.com
cache-control
max-age=1209600, public
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Authorization, X-Requested-With
x-amz-cf-id
Vkt9VXFxIfXtcq91ZsmbHR5oyGpgSguj3qNr9xcmwqaZlvzsCHqdBA==
x-elapsed-time
5257 microseconds
header_style.css
aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/header_style.css
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
378d1668b3f15aeed82f6b1ccf730361134e41f8902dac2d97d66a93cedd9af9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
date
Thu, 23 Nov 2023 15:11:02 GMT
last-modified
Tue, 25 Jul 2023 07:30:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
42
etag
W/"24b9c720576e0d681d6534f6ac0d817c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=120,public
x-amz-cf-id
NcFZr9o3TgjyYi5HPa3JxKO3KRvhuYgrH7fnqLksoVGBW_yoy-ys_g==
footer_style.css
aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/footer_style.css
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e9c07b64929788c254b08a05911877196ddadae343015f18840f9253d8001a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
date
Thu, 23 Nov 2023 15:10:02 GMT
last-modified
Mon, 13 Dec 2021 05:34:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
96
etag
W/"8b4c8cae5526d80752ee80f03efe4465"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=120,public
x-amz-cf-id
86Yht1xsyq43UdDMHPENFV1_Fa5EYP37ZE4Prl_CgMgD1RX9UT9cRA==
fontello.woff2
aphrodite.gmanetwork.com/assets/revamp/fonts/icons/ 		14 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aphrodite.gmanetwork.com/assets/revamp/fonts/icons/fontello.woff2
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a41c38a73c88d41f76fee0ff176b1fb6c365e688f23e8c8e11a4a81638f158c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 23 Nov 2023 15:10:02 GMT
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 12:34:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
96
etag
"f7d914c20b6df8faac5c74ee903a3f9b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
binary/octet-stream
cache-control
max-age=120,public
content-length
14692
x-amz-cf-id
K8Yz2J1WY7o1W8HyLQNh2IXS1PjsI8qf7J0HDAEZ23gkqQgh3o4q2Q==
glyphicons-halflings-regular.woff
images.gmanetwork.com/res/fonts/ 		23 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/fonts/glyphicons-halflings-regular.woff
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-48.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2cc5dd9cf420eefb86d6bf881ddd2b8f77f83975405911050f7b0ca081dc41d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:10:02 GMT
via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
last-modified
Tue, 05 Nov 2019 09:48:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
95
etag
"5eae1f7217b606d3580dd70ac840fea1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/font-woff
cache-control
max-age=120,public
content-length
23292
x-amz-cf-id
O9vgEHBEmFGKeRmWTBXc63xn91JP_Usp5Mvy2WwYonTJaFMPxci3Uw==
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300|Open+Sans|Raleway:300|Roboto+Condensed:300&display=swap
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
415c096c8fef11146025d09782f6b01569eb08dac17e60c92b6d0739f406876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 Nov 2023 15:11:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 15:11:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Nov 2023 15:11:36 GMT
css
fonts.googleapis.com/ 		23 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic&display=swap
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fdc97bcb8264dd4cd41bbdd41f4edf2312ae63352b266d749111bfb41adb1bbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 Nov 2023 15:11:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 15:11:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Nov 2023 15:11:36 GMT
global.js
aphrodite.gmanetwork.com/assets/revamp/js/build/globals/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aphrodite.gmanetwork.com/assets/revamp/js/build/globals/global.js?v=
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f5c424742815736049a0dc812c6d96a9fa9d9e503f69a41e6548ba221712610

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
date
Thu, 23 Nov 2023 15:11:37 GMT
last-modified
Wed, 08 Nov 2023 08:38:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
5
etag
W/"ed595f8bd71758bc6afd92cd8da1d11f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120,public
x-amz-cf-id
-I-8XneMBeP4Gk6pszflNSBZQw2YVyMCu24ciucUo8FJelAAPNvGKA==
prod-global-179580.js
rtbcdn.andbeyond.media/ 		211 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.andbeyond.media/prod-global-179580.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d41ef500024d90580d8726687e4865284b5630f1f41367393ff50ff4f2917a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
giAZXVjY.yS5kiw8ACBvXOSB9Eo3_EXo
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Nov 2023 15:11:37 GMT
x-amz-request-id
SQSK9XP8PE21JAQ3
age
88
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
26122
x-amz-id-2
t0Qx3AJj6MJT6oz8knOqCTiK8UWjT7ajOnmgx1rmPxesP/blTsennXjk+sAUwH0jclzpRRx6+8uUbXTtdRRizg==
x-served-by
cache-fra-eddf8230103-FRA
last-modified
Thu, 23 Nov 2023 05:46:00 GMT
server
AmazonS3
x-timer
S1700752298.562935,VS0,VE1
etag
"821460ae54958d43509002d68609d4ff"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
x-cache-hits
1
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:cc00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 22:00:46 GMT
content-encoding
gzip
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
last-modified
Thu, 16 Nov 2023 02:00:31 GMT
server
nginx
x-amz-cf-pop
FRA60-P5
age
61851
etag
W/"655577bf-5df1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
2g35SkgDqgi6-jXv87ri0Q_ZUZhRYsqu7ZrofLWgF71uRJh-VdO_gA==
expires
Thu, 23 Nov 2023 22:00:46 GMT
portal.js
www.gmanetwork.com/res/portal_revamp/js/dist/ 		127 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gmanetwork.com/res/portal_revamp/js/dist/portal.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7c00:d:a120:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
eqmod_httpd v1.0 (author: mon sarmiento) /
Resource Hash
7e74f145bb6188295987d4055b46662abf9b1e7e581183fb08ad33da47169e04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:04:30 GMT
content-encoding
gzip
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
427
x-cache
Hit from cloudfront
p3p
CP="NON DSP LAW CUR ADM DEV TAI PSA PSD HIS OUR DEL IND UNI PUR COM NAV INT DEM CNT STA POL HEA PRE LOC IVD SAM IVA OTC"
content-length
30661
server
eqmod_httpd v1.0 (author: mon sarmiento)
etag
"1700780643"
access-control-max-age
1
access-control-allow-methods
POST, OPTIONS, GET, PUT
content-type
application/x-javascript
access-control-allow-origin
www.gmanetwork.com
cache-control
max-age=1209600, public
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Authorization, X-Requested-With
x-amz-cf-id
2EGVGpBWCOqGxp7LTWYFyZd92CHW9mb5uLEs-zFf_0p-WBdvasMBMg==
x-elapsed-time
217 microseconds
header.js
aphrodite.gmanetwork.com/assets/revamp/js/build/widgets/ 		49 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aphrodite.gmanetwork.com/assets/revamp/js/build/widgets/header.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6cc034fe4dbedb8eb1d97c550bc0b5a394b294053ef50409c87c951e2feb626f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
date
Thu, 23 Nov 2023 15:10:47 GMT
last-modified
Mon, 13 Nov 2023 07:42:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
78
etag
W/"bf91e8c3f329c35d8eac01588067aab7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120,public
x-amz-cf-id
mjgwB31UJyU7UO4Lr368b6jPKw-3M_3A-m_NeDWFwffrtF-u1TrC8Q==
footer.js
aphrodite.gmanetwork.com/assets/revamp/js/build/widgets/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aphrodite.gmanetwork.com/assets/revamp/js/build/widgets/footer.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2eae23d81189464bfbeff599e5b01c07956f77b4e9fd7557cc16a93fd5c2f9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
date
Thu, 23 Nov 2023 15:10:02 GMT
last-modified
Wed, 08 Nov 2023 08:38:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
96
etag
W/"fa6b460c0e57140c6da6da98a715e3c3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120,public
x-amz-cf-id
L7Z0krr9LvW4Hi1p_4bEZ1YiMjJKUXYYWJTLhKLLvP0b0CQaQY_NTw==
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0ca9456ebb7700467fdf8b4ff8b9ac1794793060a018886a0409e0aae2eebfed
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 23 Nov 2023 15:11:37 GMT
interstitial.js
aphrodite.gmanetwork.com/assets/revamp/js/src/widgets/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aphrodite.gmanetwork.com/assets/revamp/js/src/widgets/interstitial.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
516b9ededf97d420fff1b84e80f1f1e2fcc3cd60b713a8b56a3dc51e365c2cf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
date
Thu, 23 Nov 2023 15:10:02 GMT
last-modified
Thu, 10 Oct 2019 12:34:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
96
etag
W/"5403ca8c5c5ea9759a3f7de74742cbfc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120,public
x-amz-cf-id
aeV_seyT1NM_jHdlWGYsyGGovosdV93P6MnheB-Tu_VA202hwb3EBA==
dfp.min.js
aphrodite.gmanetwork.com/assets/revamp/js/libs/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aphrodite.gmanetwork.com/assets/revamp/js/libs/dfp.min.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc65b850444ef04ef08e3ace3d13e19b693c6c07543ddde89579fcd3326771eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
date
Thu, 23 Nov 2023 15:10:02 GMT
last-modified
Thu, 03 Nov 2022 05:58:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
96
etag
W/"551b7bbd8ad5dd610b86a1c61bff6177"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120,public
x-amz-cf-id
AtUrqmDsKgC3-TI39aSTHcFWsslq0ZU4QUABS1RZF-hFru3uAcwjxQ==
iframe_content_resizer.min.js
images.gmanetwork.com/res/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/js/iframe_content_resizer.min.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-48.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5695f8317f3c82772c4793fb9145d45cd56cc43d79b27737a37e3bd030ab3baa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:36 GMT
content-encoding
gzip
via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
last-modified
Thu, 14 Nov 2019 08:05:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
27
etag
W/"e03fb3c975393abb286d6a5b41bd362b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120
x-amz-cf-id
b_ZUmLTfkXBxkRd_ejo72n-nlLZ9nK-6jwOQlZegNZRA0R_BJoWoCQ==
dfp_portal.js
aphrodite.gmanetwork.com/assets/revamp/js/libs/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aphrodite.gmanetwork.com/assets/revamp/js/libs/dfp_portal.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa1a3bdc205ed130a486970f4c2037ff1003c697c5b6174296e1d3acb2976aac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
date
Thu, 23 Nov 2023 15:10:02 GMT
last-modified
Mon, 20 Feb 2023 02:36:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
96
etag
W/"a0e71cb20298576e4cdeae0e309f43a6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120,public
x-amz-cf-id
vxI69bAugJ1pVpE7iCspoXk_coAuNf3LBp0dwo5Uln7HdNDqsLlhtA==
js
www.googletagmanager.com/gtag/ 		173 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-242242-18
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
40c84dfb91da49bb7e4aa1db312d9e3985c60e3fa263a4ff6623c31a45736f8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
64595
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Nov 2023 15:11:37 GMT
quantcast.js
aphrodite.gmanetwork.com/assets/revamp/third_party/ 		555 B
932 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aphrodite.gmanetwork.com/assets/revamp/third_party/quantcast.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a23bb9735adef0d14b41b552116f24a195b12d47029a6725305e921c5410ebf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 23 Nov 2023 15:10:47 GMT
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified
Thu, 04 Nov 2021 07:00:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
78
etag
"9d9ea6cf6cba460f511a5b81a18c3c6d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120,public
content-length
555
x-amz-cf-id
r6V3vE9xqkRnvT4tnSYR3FaNdHqDk0srhQjuXhd6b4ccEP7gKI7bpg==
css
fonts.googleapis.com/ 		2 KB
606 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:400&display=swap
Requested by
Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/header_style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b7506715d8ff403a7e4a56b46e757ecd12c8a59e4c48d8f0478b62186f51bb1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aphrodite.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 Nov 2023 15:11:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 15:11:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Nov 2023 15:11:37 GMT
moatheader.js
z.moatads.com/gmanmigamheader860109928859/ 		244 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/gmanmigamheader860109928859/moatheader.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4707a9ffea591173553e19e83e1ef9d2c2e6ab1a99c53e786ce085f5f3ed3ee2

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 23 Nov 2023 15:11:37 GMT
content-encoding
gzip
last-modified
Tue, 31 Oct 2023 08:17:31 GMT
server
AmazonS3
x-amz-request-id
A92M6VNWC9ZJB9Q5
etag
"6c1578b189308b23f7c5b34085eed8fd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=56621
accept-ranges
bytes
content-length
87023
x-amz-id-2
c2kABsab76pgQbF+up+teojKrHkDPoEcs/c4Wo5DmYRETeYHx6P2Xv/Cl5gqvYTQQDGMD2JHQbk=
v2
mb.moatads.com/yi/ 		608 B
788 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jH0pLg%2FQrWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-QHLFnnduOmx%2BSA%3D%3D&sc=1&os=1-3A%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.gmanetwork.com%2F&pcode=gmanmigamheader860109928859&rx=508261199694&callback=MoatNadoAllJsonpRequest_28032288
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/gmanmigamheader860109928859/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
2be0b4a2461891c0fa8e893d06be2d1ee05cf40e27fb50003875b54a2de4ac4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:40 GMT
server
istio-envoy
etag
"7eea32bf978d855b8d8e6f04db185a33fe0e0e37"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
807
timing-allow-origin
*
content-length
608
iframe.html
z.moatads.com/hd09824092/ Frame 08E4 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/gmanmigamheader860109928859/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=479
content-length
1374
content-type
text/html
date
Thu, 23 Nov 2023 15:11:37 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
x-amz-id-2
tXhAc64MXavoo2Ys7gL4K0CHvWdnnjW6yMDYhattkSwkbmjydK4ZTHB9EYLhbnHzR5lAnVYPFb8=
x-amz-request-id
7Y2H1YDSCY2G4ZCG
moat_yield_intelligence.min.js
images.gmanetwork.com/res/dist/js/third_party/ 		917 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/third_party/moat_yield_intelligence.min.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-48.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6fe3c3849b8d63009dc4c89ff20e418ca4cea135043dd36551a9b9b2af3e41b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 07:50:56 GMT
via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
last-modified
Wed, 21 Sep 2022 09:29:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
26442
etag
"b43fadd36888cf3c8b5fbdc2dfbf3aad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
content-length
917
x-amz-cf-id
iN7ne3oMzDbi2WgI3DmVXwvsR9j8wnwLuCgqtSWLt_dH-HQPXQsCuA==
channels.cgi
gma.gscontxt.net/multizone/ 		410 B
488 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gma.gscontxt.net/multizone/channels.cgi?url=https%3A%2F%2Fwww.gmanetwork.com%2F
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
129.213.64.139 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
141b8f57348911d9378499b7fd7485924578cf14794bd127bd93d814e8d34069

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
410
Content-Type
application/javascript
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:cc00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:48:44 GMT
content-encoding
gzip
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
last-modified
Thu, 16 Nov 2023 01:59:58 GMT
server
nginx
x-amz-cf-pop
FRA60-P5
age
66173
etag
W/"6555779e-94a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
IvF8Gn_N9MHxt2VySCg_vf6WiFKGn3kGw3tq2xox--Txa8gtLVFuvQ==
expires
Thu, 23 Nov 2023 20:48:44 GMT
fontello.woff2
aphrodite.gmanetwork.com/assets/revamp/fonts/icons/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://aphrodite.gmanetwork.com/assets/revamp/fonts/icons/fontello.woff2
Requested by
Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/header_style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10906b8c7ee290918a54bb5510854a38d276b9419e7f91d3781b7af6aeeaebfb

Request headers

Referer
https://aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/header_style.css
Origin
https://www.gmanetwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 23 Nov 2023 15:10:50 GMT
via
1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
56
x-cache
Hit from cloudfront
content-length
14692
last-modified
Thu, 10 Oct 2019 12:34:10 GMT
server
AmazonS3
etag
"f7d914c20b6df8faac5c74ee903a3f9b"
access-control-max-age
3000
access-control-allow-methods
GET, POST, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=120,public
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
g-7p4CjyRYbCH_dPi-d6QuicqnjnW7ahtKRBgDBbbHUxf4oPyeWiFA==
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVuEorCIPrE.woff2
fonts.gstatic.com/s/raleway/v29/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVuEorCIPrE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300|Open+Sans|Raleway:300|Roboto+Condensed:300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7dab5126b1bc9e642dc36a68128065562b26063d7090f894a9da793c6a0fbe3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gmanetwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:28:36 GMT
x-content-type-options
nosniff
age
513781
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22416
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:56:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 16:28:36 GMT
ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyXsosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyXsosBO5Xw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300|Open+Sans|Raleway:300|Roboto+Condensed:300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3349196225a9f9ab7479b3c69e1a88774c6a9e536e325a27307d92c322248797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gmanetwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 21:01:58 GMT
x-content-type-options
nosniff
age
65379
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20896
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:52:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Nov 2024 21:01:58 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gmanetwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 14:29:28 GMT
x-content-type-options
nosniff
age
520929
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 14:29:28 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300|Open+Sans|Raleway:300|Roboto+Condensed:300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gmanetwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:04:32 GMT
x-content-type-options
nosniff
age
493625
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 22:04:32 GMT
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gmanetwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 17:54:07 GMT
x-content-type-options
nosniff
age
422250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34852
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:31:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 17:54:07 GMT
gma-header-logo.svg
aphrodite.gmanetwork.com/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aphrodite.gmanetwork.com/gma-header-logo.svg
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4265686660c12d10f6954d8dec60884933d680f10dd79a4ff7a76c016d62f39a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
date
Thu, 23 Nov 2023 07:40:42 GMT
last-modified
Fri, 03 Apr 2020 07:47:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
27058
etag
W/"6070135b0880a0cca74ba0fc1221e24f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
3TN9OG8j4b7Zbq0Vz1TAO8dVX3QcXF5BmtbG_fUDoc7hOE_4OjtUdg==
x-amz-meta-s3b-last-modified
20200403T073750Z
gma_white.png
aphrodite.gmanetwork.com/assets/revamp/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aphrodite.gmanetwork.com/assets/revamp/img/gma_white.png
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8095e046d436d9957b442dad9827d0289469e91f12cd94f68ffc90198e3b4f31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
Z1a4KR1IgQCUibmGiK2ThFq69ie8hdZd
date
Thu, 23 Nov 2023 15:11:15 GMT
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified
Thu, 01 Feb 2018 07:44:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
28
etag
"e8749bb5058882d51032084665c54c4f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=180
content-length
1428
x-amz-cf-id
t7aU9ud4NZ6QhXqEZXngkhp0nOxPUhIQckICNVyVOTe-kMGo77RS7Q==
x-amz-meta-s3b-last-modified
20180201T034941Z
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 		468 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
Origin
https://www.gmanetwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 08:23:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192016
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Nov 2024 08:23:08 GMT
quant.js
secure.quantserve.com/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:37 GMT
content-encoding
gzip
etag
"e23JaXq4HVtlOmThpFhluQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 30 Nov 2023 15:11:37 GMT
jquery.lazyload.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1244678
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1120
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-d35"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESvL7M6nLt4NX9SaGbUocUozUsbJ5zNSXBTuh8u1EGRsNqS1%2BGbZR6NZR448p%2BeTRZweIeqmnxn1NNbgAhVZ5imc91P4QkYYgVRS5aCIzBCEyIarask82JWxadTono28QpinytaVCnPte4P2xJbpddZb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82aa58843fbf1c36-FRA
expires
Tue, 12 Nov 2024 15:11:37 GMT
dm-ce.min.js
statics.dmcdn.net/c/ 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://statics.dmcdn.net/c/dm-ce.min.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/res/portal_revamp/js/dist/portal.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
/
Resource Hash
533caf35f2cda9c367634996d96ef8a9482bd2b9a8ad56beb0d7bc6927bc7f6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:37 GMT
content-encoding
gzip
last-modified
Thu, 02 Nov 2023 03:56:52 GMT
age
40386
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
12947
x-llid
5b157448b42b98d7db44f012376b38b3
expires
Sat, 23 Dec 2023 03:58:31 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
logo.png
www.gmanetwork.com/res/portal_revamp/img/ 		132 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gmanetwork.com/res/portal_revamp/img/logo.png
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7c00:d:a120:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
eqmod_httpd v1.0 (author: mon sarmiento) /
Resource Hash
b5a70a13cd82b817774b908b31f96aa3d4e318dcb62aae93eaeb577f3ad621b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:37 GMT
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
CP="NON DSP LAW CUR ADM DEV TAI PSA PSD HIS OUR DEL IND UNI PUR COM NAV INT DEM CNT STA POL HEA PRE LOC IVD SAM IVA OTC"
content-length
135029
server
eqmod_httpd v1.0 (author: mon sarmiento)
etag
"135029-1700781097"
access-control-max-age
1
access-control-allow-methods
POST, OPTIONS, GET, PUT
content-type
image/png
access-control-allow-origin
www.gmanetwork.com
cache-control
max-age=1209600, public
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Authorization, X-Requested-With
x-amz-cf-id
9CLYeDK64gsXP2JGpMmB0wfC1nTbQQdlcvCeK31elAKt2dGTP9xAJA==
x-elapsed-time
334 microseconds
rainbow.png
www.gmanetwork.com/res/portal_revamp/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gmanetwork.com/res/portal_revamp/img/rainbow.png
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7c00:d:a120:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
eqmod_httpd v1.0 (author: mon sarmiento) /
Resource Hash
2cb0fe4fabfbfa6e430ac7e58f817bcf765e196d05a9e5e14360b8ec948a0621

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:37 GMT
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
CP="NON DSP LAW CUR ADM DEV TAI PSA PSD HIS OUR DEL IND UNI PUR COM NAV INT DEM CNT STA POL HEA PRE LOC IVD SAM IVA OTC"
content-length
2293
server
eqmod_httpd v1.0 (author: mon sarmiento)
etag
"2293-1700781097"
access-control-max-age
1
access-control-allow-methods
POST, OPTIONS, GET, PUT
content-type
image/png
access-control-allow-origin
www.gmanetwork.com
cache-control
max-age=1209600, public
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Authorization, X-Requested-With
x-amz-cf-id
lF4kWdb8I8ZQgjDPQzAauEYqMkaOVuZcwIhPtE3dF86-W8Jv8ZVfvw==
x-elapsed-time
176 microseconds
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=gmanetwork.com&p=%2F&u=B0u2deC31FDgD1AssA&d=gmanetwork.com&g=67134&g0=Home&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=4658&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.gmanetwork.com%2F&b=2100&t=Md1McD5ZrhP6pFNLB-iBw1BfNW31&V=141&i=GMA%20Network%20%7C%20News%20and%20Entertainment&tz=-60&sn=1&sv=cQ2PzC_HAwthdykBWs9LNCZx4sJ&sd=1&im=067b0fff&_
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.175.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-175-30.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Nov 2023 15:11:37 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
check
rtbdemand.apiip.net/api/ 		235 B
431 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtbdemand.apiip.net/api/check?accessKey=7ef45bac-167a-4aa8-8c99-bc8a28f80bc5&fields=countryCode,regionCode,regionName,city,timeZone,countryName
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
bb2b67f368d14d849ed9616fc8fc9a4c0a138b8f5bccbb25363a5b7e0f0afd14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"eb-Gt8InFibUqtVtpazCY/4y9r5RJQ"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
82aa58848f372be6-FRA
alt-svc
h3=":443"; ma=86400
gpt.js
www.googletagservices.com/tag/js/ 		101 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e400b34d33ae7b052a9c9f5cbc3eb81cb5e725ae8a9b8db2c7f3bc7b623f3e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31813
x-xss-protection
0
server
cafe
etag
14 / 19684 / m202311090101 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 15:11:37 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		267 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-213.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 14:17:06 GMT
content-encoding
gzip
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront), 1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-C2
age
3272
etag
W/"2d08dd94de483579c1dc3f3783c06f6e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
Nh7efic42PFpSZmtpQ3OWfAYem4ckA0AYz9-tvPBQRlWzjIiVirxGg==
impstats.php
prebid.andbeyond.media/ 		69 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.andbeyond.media/impstats.php?aff=179580&type=pv
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.39.24 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-39-24.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.56 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
115e7d79f79792d43cf85101fd2bb78e7c72890db5d5af08f909a780a9ed0b3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Nov 2023 15:11:38 GMT
Server
Apache/2.4.56 (Amazon Linux) OpenSSL/3.0.8
Connection
keep-alive
Content-Length
69
Content-Type
text/html; charset=UTF-8
a.js
p.adlooxtracking.com/gpt/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/gpt/a.js
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 14:28:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
server
nginx
age
2611
etag
W/"81c857a6c52da1ca7444f198bd33b2ea"
last-modified
Tue, 22 Nov 2022 17:41:01 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3703
prebid7.54.5-gma.js
rtbpass.andbeyond.media/ 		471 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
911f8bf5fc6e99e7009d8ba1a822dc5ad70706ea54edad681d285215693e5958

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
content-encoding
br
via
1.1 varnish
x-amz-request-id
89V16504A5V3NX66
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
149904
x-amz-id-2
apABUr8wMtDq1bQOyoH9gNQTtvnKiMCl6QBAShGSogrCLy91HVsMRrS737m82uiVmYpv6hv00iI=
x-served-by
cache-fra-eddf8230103-FRA
last-modified
Mon, 23 Oct 2023 04:44:42 GMT
server
AmazonS3
x-timer
S1700752298.672784,VS0,VE784
etag
"1fd5a2c1c9ba61f181eb0ae2f44b465b"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=86400
accept-ranges
bytes
x-cache-hits
1
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-242242-18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Nov 2023 13:19:54 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6703
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 23 Nov 2023 15:19:54 GMT
js
www.googletagmanager.com/gtag/ 		255 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B4FW0S5GFB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-242242-18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
422ba40e0c4b5b757a49125398d403f1815b672cddd72e7eddeffb1497e5c568
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88859
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Nov 2023 15:11:37 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		159 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=gmanetwork.com&domain=gmanetwork.com&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4485a31f8636be02acd5e3ad5c9fedf9a0ba89906c5ba327c0f2d06787ea8cf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 23 Nov 2023 15:11:37 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
78
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
126
x-served-by
cache-fra-eddf8230040-FRA
x-timer
S1700752298.710680,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Tue, 21 Nov 2023 15:10:19 GMT
900_675_CSID-CMS_-20231108103927.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 		112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aphrodite.gmanetwork.com/entertainment/videos/images/900_675_CSID-CMS_-20231108103927.jpg
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd17e8a0d154667c61ba568d2f3b72859b9a834c40a446e996272be80cdf7eee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 23 Nov 2023 08:35:18 GMT
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified
Wed, 08 Nov 2023 02:39:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
23780
etag
"61dd7f7f49d0d4c346b4373c3d1c5b95"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
content-length
114520
x-amz-cf-id
JGke56HMuTpLK4puiNtb8HW-gYLNsNl3yUx_745Ne3OX6psALDZ0Mw==
900_675_28_-20231114181428.jpg
aphrodite.gmanetwork.com/entertainment/articles/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aphrodite.gmanetwork.com/entertainment/articles/900_675_28_-20231114181428.jpg
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e61dccde5f5de2d9af96bca8926a2ea276063a1055fccef41f17137920daefb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 23 Nov 2023 10:02:46 GMT
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 10:14:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
18532
etag
"546be50efac3adee9ab77c186be8751b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
content-length
43079
x-amz-cf-id
rC1Mb-W7p60_Nm5M-T_CXi74FRE4Dnp6UraPwO_Lr95U61a8W7AYMQ==
900_675_9_-20231123154852.jpg
aphrodite.gmanetwork.com/entertainment/articles/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aphrodite.gmanetwork.com/entertainment/articles/900_675_9_-20231123154852.jpg
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ea50e0c9b3f7750fd4f01735f3c83c64f2ced8435701d11f19dc9d3c856434d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 07:54:04 GMT
x-amz-version-id
null
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 07:48:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
26254
etag
"66b1353b324b6d0b1ea0319c2089b4bc"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
content-length
52333
x-amz-cf-id
1utbIopWEkyPiTxyk4gcKXyA9O4sKgX2ftHnOo6ftkKPy9dreMxj9w==
1200_675_TVShow_MainTCARD_-20220622115633.png
aphrodite.gmanetwork.com/entertainment/shows/images/ 		285 KB
286 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aphrodite.gmanetwork.com/entertainment/shows/images/1200_675_TVShow_MainTCARD_-20220622115633.png
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36ae90dd673a100b1fc1baede232d2d217535bcc36bb5c53a21f90ee8c17cb87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 08:42:08 GMT
x-amz-version-id
null
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 03:56:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
23369
etag
"ecb0bfdcaaafca2e9f95a33ecc184e33"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
content-length
291841
x-amz-cf-id
O2X2p8qBSbPCqeO7L1MZQuqWTYAM4vH_ACc9sgghiO_vZD6XzSiLaw==
900_675_Main_Image06_1118_-20231118095057.jpg
aphrodite.gmanetwork.com/entertainment/articles/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aphrodite.gmanetwork.com/entertainment/articles/900_675_Main_Image06_1118_-20231118095057.jpg
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4cda4bf9a93b684d19e62ba95325a2ef2d02a1474c650f1728dbf2526bd84d31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 23 Nov 2023 03:29:07 GMT
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified
Sat, 18 Nov 2023 01:51:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
42151
etag
"2453e89932514ed12dc1df2bd9758cae"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
content-length
60638
x-amz-cf-id
S1JHFqfYgjDKuTIewDa_tgciFMpmSr1ATUdH4hSA4Mu3LNFfjYcFaA==
480_360_Main_Image02_1122_-20231122141159.jpg
aphrodite.gmanetwork.com/entertainment/articles/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aphrodite.gmanetwork.com/entertainment/articles/480_360_Main_Image02_1122_-20231122141159.jpg
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be8b82cc4b0eb56e82712c74a3ae95930167e9c287ebaea1ac232535d0b0e9dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 23 Nov 2023 06:46:38 GMT
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified
Wed, 22 Nov 2023 06:12:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
30300
etag
"c16f6c7d70e14aae0b73473eb8e65abb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
content-length
14712
x-amz-cf-id
VeaFMVXl7iqF0W-s6OFhdROmReZgjkbqp2uJrNYX0SYejtbSpcjCbw==
michelle_dee_2023_11_23_11_59_47.png
images.gmanews.tv/webpics/2023/11/ 		728 KB
729 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.gmanews.tv/webpics/2023/11/michelle_dee_2023_11_23_11_59_47.png
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-36.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90920ca95a749698c52df2e9af9b4f533bd6368b345f90125a96717726452b92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 04:02:56 GMT
via
1.1 1ed131e2ff13a9b8852067b4dfb6f2dc.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 03:59:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
40122
etag
"4f03fb6cb0921fe278aa5f3389bf7e9a"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
745129
x-amz-cf-id
mQTMOVuaihAHyA7GYh_ZuQQ2zKiAPJtS3F-QYFMyZaHmqgtrNiNDpw==
rules-p-ernMzxMzj4rTH.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-ernMzxMzj4rTH.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:1a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
570eb26b1f69dc91b116affae587952ea205228975cec892890a16dab882124f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 14:59:43 GMT
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
842
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 14:57:02 GMT
server
AmazonS3
etag
W/"2586e780d12e3579958caf730b2c56b5"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
u93Lzv1A-PXVWDFbST-n6MubCIYvQDDPT5u95PCdhOYnOyvck_BJFw==
x3d09.js
geo.dailymotion.com/libs/player/ 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.dailymotion.com/libs/player/x3d09.js
Requested by
Host: statics.dmcdn.net
URL: https://statics.dmcdn.net/c/dm-ce.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.8.215.137 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
lrpwww.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
e6c6fadb7b79bb2354f56478fe0896103037b1e4c99bcb07dedf7ae93af33d91
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Date
Thu, 23 Nov 2023 15:11:37 GMT
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Transfer-Encoding
chunked
Server-Timing
total;dur=21, dc;desc="dc3"
Connection
Keep-Alive
Referrer-Policy
strict-origin-when-cross-origin
Server
DMS/1.0.42
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary
X-DM-SSL, Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache, no-store
Timing-Allow-Origin
*
Link
<https://www.dailymotion.com>; rel="preconnect"; crossorigin="use-credentials", <https://static1.dmcdn.net>; rel="preconnect"; crossorigin="anonymous"
Keep-Alive
timeout=60, max=4975
videos
api.dailymotion.com/ 		12 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.dailymotion.com/videos?fields=id%2Ctitle%2Cthumbnail_480_url%2Cmode%2Conair%2Cowner.screenname%2Ccreated_time%2Cdescription%2Cthumbnail_240_url%2Cduration%2Cowner.avatar_25_url%2Cchannel.name%2Cowner.url&limit=16&private=0&flags=no_live%2Cexportable&longer_than=0.35&owners=GMANetwork&sort=trending
Requested by
Host: statics.dmcdn.net
URL: https://statics.dmcdn.net/c/dm-ce.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
e80a791036f28fbbcd713b2f6db8395f4c546b776bd21c764184893e3217a518
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Date
Thu, 23 Nov 2023 15:11:37 GMT
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing
total;dur=133, dc;desc="dc3"
Content-Length
3052
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 23 Nov 2023 15:11:37 GMT
Server
DMS/1.0.42
Etag
W/"sQba8kuoZEU4Sf6nsWmPLw-gzip"
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary
X-DM-SSL,Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date, X-DM-BackNode-Response-Time, X-DM-Edge, X-DM-Cache-Status, X-Served-By
Cache-Control
public, max-age=900
X-Frame-Options
DENY
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type, Authorization
X-Robots-Tag
noindex
anchor
www.google.com/recaptcha/api2/ Frame 84B1 		62 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeMXBkUAAAAADrrrFfGFPpuiQ8fmumFUu-Ndq6o&co=aHR0cHM6Ly93d3cuZ21hbmV0d29yay5jb206NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=k8lbwr9v66gi
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ff481dff2c7fe1fa65b0a3aa102af3cfa8e84accfef30f035df480112d3ec8e9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FLLO0jcAcoXRQb9B7xwvsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-FLLO0jcAcoXRQb9B7xwvsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 15:11:37 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame 29E7 		61 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeMXBkUAAAAADrrrFfGFPpuiQ8fmumFUu-Ndq6o&co=aHR0cHM6Ly93d3cuZ21hbmV0d29yay5jb206NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=967n7sla8kku
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
983acab334d838f0a0f8fb1d60e51f82f48e40dc7a09ef88110468d6368a17c4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zn8fW2WBkB8BWzNw7tON1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-zn8fW2WBkB8BWzNw7tON1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 15:11:37 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cd6cddc5-4dca-4d77-9a65-8b894400e772
config.aps.amazon-adsystem.com/configs/ 		537 B
802 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-71.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
313d7bad01577d169a368d471264cd2228b145a183fba42679f41e1d2b2a9f27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 14:34:47 GMT
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
2210
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
DecDaE4JBht3xVIvgmyio_AwAfq_1uuAEEwdZex5KQuMbhoVL1oiSA==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.gmanetwork.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-213.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c86d792f85479bc941b4eb8e817e461f88e5b57097f65c48529b509857bda2ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 14:40:20 GMT
via
1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
age
1877
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2196
x-amz-cf-id
thTc7ExtVz8dyhVPCabs42GAQYzAIo5_9AIswOpISZZr1aSGSMBsjw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-213.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
date
Thu, 23 Nov 2023 10:05:52 GMT
x-amz-cf-pop
FRA56-C2
age
19161
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
junq3mAKZQA3Xo8G1WvmVz3waIB0MzJK1nxqO_BtnpTfD6INnL0eyQ==
collect
www.google-analytics.com/j/ 		2 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=885053129&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gmanetwork.com%2F&ul=en-us&de=UTF-8&dt=GMA%20Network%20%7C%20News%20and%20Entertainment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=663602693&gjid=369750538&cid=1264207553.1700752298&tid=UA-242242-18&_gid=460939384.1700752298&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=718491604
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=734045738;labels=title.GMA%20Network%20%7C%20News%20and%20Entertainment%2Ckeywords.GMA%2Ckeywords.GMA%20Network%2Ckeywords.Kapuso%2Ckeywords.Kapuso%20Network%2Ckeywords.GMA%20Network%20Port...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=734045738;labels=title.GMA%20Network%20%7C%20News%20and%20Entertainment%2Ckeywords.GMA%2Ckeywords.GMA%20Network%2Ckeywords.Kapuso%2Ckeywords.Kapuso%20Network%2Ckeywords.GMA%20Network%20Portal%2Ckeywords.GMA%20Online;rf=0;a=p-ernMzxMzj4rTH;url=https%3A%2F%2Fwww.gmanetwork.com%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-804627643-1700752297696;pbc=;ns=0;ce=1;qjs=1;qv=6076e8c2-20231114150359;cm=;gdpr=0;ref=;d=gmanetwork.com;dst=1;et=1700752297808;tzo=-60;ogl=title.GMA%20Network%20%7C%20News%20and%20Entertainment%20%2Cdescription.The%20official%20website%20of%20Philippines's%20leading%20and%20most%20trusted%20news%20and%20entertai%2Cimage.https%3A%2F%2Faphrodite%252Egmanetwork%252Ecom%2Fgma%252Ejpg%2Cimage%3Awidth.1200%2Cimage%3Aheight.900%2Cimage%3Asecure_url.https%3A%2F%2Faphrodite%252Egmanetwork%252Ecom%2Fgma%252Ejpg%2Curl.https%3A%2F%2Fwww%252Egmanetwork%252Ecom%2Ctype.article;ses=ad205c3a-58ae-49c9-83b8-c3ebb2174b68;mdl=
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-B4FW0S5GFB&gtm=45je3b81v886113301&_p=1700752297531&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1264207553.1700752298&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700752297&sct=1&seg=0&dl=https%3A%2F%2Fwww.gmanetwork.com%2F&dt=GMA%20Network%20%7C%20News%20and%20Entertainment&en=page_view&_fv=1&_ss=1&_ee=1&ep.portal_section=Portal&ep.content_type=Homepage&tfd=2263
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4FW0S5GFB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B4FW0S5GFB&cid=1264207553.1700752298&gtm=45je3b81v886113301&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4FW0S5GFB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B4FW0S5GFB&cid=1264207553.1700752298&gtm=45je3b81v886113301&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=430430394
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 84B1 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeMXBkUAAAAADrrrFfGFPpuiQ8fmumFUu-Ndq6o&co=aHR0cHM6Ly93d3cuZ21hbmV0d29yay5jb206NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=k8lbwr9v66gi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:17:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Nov 2024 13:17:57 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 84B1 		468 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeMXBkUAAAAADrrrFfGFPpuiQ8fmumFUu-Ndq6o&co=aHR0cHM6Ly93d3cuZ21hbmV0d29yay5jb206NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=k8lbwr9v66gi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 08:23:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192016
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Nov 2024 08:23:08 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 29E7 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeMXBkUAAAAADrrrFfGFPpuiQ8fmumFUu-Ndq6o&co=aHR0cHM6Ly93d3cuZ21hbmV0d29yay5jb206NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=967n7sla8kku
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:17:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Nov 2024 13:17:57 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 29E7 		468 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeMXBkUAAAAADrrrFfGFPpuiQ8fmumFUu-Ndq6o&co=aHR0cHM6Ly93d3cuZ21hbmV0d29yay5jb206NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=967n7sla8kku
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 08:23:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192016
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Nov 2024 08:23:08 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Thu, 23 Nov 2023 15:26:38 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 06:08:51 GMT
content-encoding
gzip
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
32567
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
PpZs3JFfUgwTmDf9SOX5d6nNZuWDUisU8UPYPIi5kaNeIHy7FlVk5w==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.gmanetwork.com%2F&ref=&_it=amazon&partner_id=632
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:37 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907JHMEEKQ08DSV2
age
1502
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
82aa5885ec0890d6-FRA
x-amz-id-2
oJpPJCbEID7z1zM9kIxlsqSbq8xeH5HC5gS4xpeHur3SW4yHO8BbtAlQwktjkw9El2h2R0B/Pt0=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		155 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dde6cbe139a1b61c30c174967db2c281b294f7818c5709a4585e5a893227bf5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:37 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 22 Nov 2023 08:19:05 GMT
server
cloudflare
x-amz-request-id
6TS9QY97YJRQB8HW
age
871
etag
W/"7e3d98894def0807c1c46e98e575ca88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
82aa588608d118c9-FRA
x-amz-id-2
AVNeRKRV90Yda1uNRyX/oSowTEBJg6m6Oi3BDzUO2HzxCOwTTG0wJAZPM7zhy5f0r810eeMZqg8=
collect
stats.g.doubleclick.net/j/ 		4 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-242242-18&cid=1264207553.1700752298&jid=663602693&gjid=369750538&_gid=460939384.1700752298&_u=YEBAAUAAAAAAACAAI~&z=1375058112
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 23 Nov 2023 15:11:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pebed.dm-event.net/ 		15 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/x3d09.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain; charset=UTF-8

Response headers

Date
Thu, 23 Nov 2023 15:11:37 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		429 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:41:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
5428
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 22 Nov 2024 13:41:09 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-242242-18&cid=1264207553.1700752298&jid=663602693&_u=YEBAAUAAAAAAACAAI~&z=1869375824
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-242242-18&cid=1264207553.1700752298&jid=663602693&_u=YEBAAUAAAAAAACAAI~&z=1869375824
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 84B1 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeMXBkUAAAAADrrrFfGFPpuiQ8fmumFUu-Ndq6o&co=aHR0cHM6Ly93d3cuZ21hbmV0d29yay5jb206NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=k8lbwr9v66gi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeMXBkUAAAAADrrrFfGFPpuiQ8fmumFUu-Ndq6o&co=aHR0cHM6Ly93d3cuZ21hbmV0d29yay5jb206NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=k8lbwr9v66gi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 23 Nov 2023 15:11:37 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 29E7 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeMXBkUAAAAADrrrFfGFPpuiQ8fmumFUu-Ndq6o&co=aHR0cHM6Ly93d3cuZ21hbmV0d29yay5jb206NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=967n7sla8kku
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeMXBkUAAAAADrrrFfGFPpuiQ8fmumFUu-Ndq6o&co=aHR0cHM6Ly93d3cuZ21hbmV0d29yay5jb206NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=967n7sla8kku
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 23 Nov 2023 15:11:37 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Nov 2023 15:11:38 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 07:38:20 GMT
content-encoding
gzip
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
27199
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
K-kZR6_1Jd-7s_BzFfWyKTFxW-AtB-Mq3voBGfiXtncPfImDHAouXg==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1a00:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Thu, 23 Nov 2023 10:03:28 GMT
Via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
18491
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
AxnU4eBMNuMy5WqliW3FGy-qqyjTiuqTZwBfUpwWifhxBtRnyMNCBA==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 03:26:36 GMT
content-encoding
gzip
age
2547902
x-guploader-uploadid
ABPtcPomD9PwI-x1w_qV94tV1ozSRGR8ZeUKPfmAcHMXugM_rapxZCGwrYNwQRfVOUUs3oMWA37p8xfLMlvY-C9eeSMu
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 24 Oct 2024 03:26:36 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		156 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22a1257891d7523261ed7426751d43a5dfeb83e2211aed3b71f085b5a45149ed
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 22 Nov 2023 08:19:05 GMT
server
cloudflare
x-amz-request-id
C8TZWBE2GJMTFRTZ
age
2038
etag
W/"6d1031a5affe091aafc4dbcf111418ee"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
82aa5886a9a918c9-FRA
x-amz-id-2
Fk+ihzcMW5fB9+IqXopwRWstiCNcEwltSzzXSYwOFZukmnxOUtaa8ZRY1crthXuZVFiR7dvTB5o=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1590
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230065-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gNSgc6fbWlOda9hI%2BNJ%2FxMFq7FbAtdOiVivmJdlmL%2F%2Fk9dw9sLohnfkIpEwokM31IXwE8x2kz4XSjZzm9j%2F3d5OLkkKf7Q28hAmbhraIwCtr3yi5Xd9aqaq5%2Fez%2Bgez%2BFUqOphIIK0WDlYQ3Beg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82aa5886c8b75d45-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		705 B
381 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2603953397491756&correlator=1021826830400635&eid=31078016%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=344684475%2CPORTAL_Home_Leaderboard_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&ifi=1&didk=1953749000&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700752298013&lmt=1700752298&adxs=315&adys=84&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.gmanetwork.com%2F&vis=1&psz=1349x20&msz=970x0&fws=0&ohw=0&ga_vid=1264207553.1700752298&ga_sid=1700752298&ga_hid=885053129&ga_fc=true&dlt=1700752296380&idt=1596&prev_scp=m_mv%3DslotWaiting%26m_gv%3DslotWaiting&cust_params=m_data%3Dwaiting%26m_safety%3Dwaiting%26m_categories%3Dwaiting%26m_mv%3Dwaiting%26m_gv%3Dwaiting&adks=3344792239&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93e307064c21228d99d736aa2bb547c492c22abcf18240fab1cbcf0c34bfeeaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
351
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		564 B
308 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2603953397491756&correlator=590499912465306&eid=31078016%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=344684475%2CPORTAL_Home_Billboard_Footer&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C970x250&ifi=2&didk=554265908&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700752298021&lmt=1700752298&adxs=315&adys=4681&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.gmanetwork.com%2F&vis=1&psz=1349x20&msz=970x0&fws=0&ohw=0&ga_vid=1264207553.1700752298&ga_sid=1700752298&ga_hid=885053129&ga_fc=true&dlt=1700752296380&idt=1596&prev_scp=m_mv%3DslotWaiting%26m_gv%3DslotWaiting&cust_params=m_data%3Dwaiting%26m_safety%3Dwaiting%26m_categories%3Dwaiting%26m_mv%3Dwaiting%26m_gv%3Dwaiting&adks=204519716&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20abfed70acb0c65c3f04d9a2d275de749f47e83e12e4555d241560e7059e4fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
278
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		59 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2603953397491756&correlator=3480630807131973&eid=31078016%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=344684475%2CPORTAL_Home_Mrec_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C250x250&ifi=3&didk=3271249305&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700752298024&lmt=1700752298&adxs=1127&adys=970&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.gmanetwork.com%2F&vis=1&psz=329x300&msz=336x20&fws=0&ohw=0&ga_vid=1264207553.1700752298&ga_sid=1700752298&ga_hid=885053129&ga_fc=true&dlt=1700752296380&idt=1596&prev_scp=m_mv%3DslotWaiting%26m_gv%3DslotWaiting&cust_params=m_data%3Dwaiting%26m_safety%3Dwaiting%26m_categories%3Dwaiting%26m_mv%3Dwaiting%26m_gv%3Dwaiting&adks=95733490&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0dc69ead89bbbf92f426439ead6395d9d46441db7689d990615407c7a3a90b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14382
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		562 B
311 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2603953397491756&correlator=3645909781903038&eid=31078016%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=344684475%2CPORTAL_Home_Mrec_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C250x250&ifi=4&didk=3271249304&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700752298026&lmt=1700752298&adxs=978&adys=2204&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.gmanetwork.com%2F&vis=1&psz=336x300&msz=336x20&fws=0&ohw=0&ga_vid=1264207553.1700752298&ga_sid=1700752298&ga_hid=885053129&ga_fc=true&dlt=1700752296380&idt=1596&prev_scp=m_mv%3DslotWaiting%26m_gv%3DslotWaiting&cust_params=m_data%3Dwaiting%26m_safety%3Dwaiting%26m_categories%3Dwaiting%26m_mv%3Dwaiting%26m_gv%3Dwaiting&adks=95733489&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6538d14a154a00f122faa7988c3e5c8f1842833643000af158ee45e2e9cde05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 52D5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 15:11:38 GMT
expires
Fri, 22 Nov 2024 15:11:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
hadron.json
id.hadron.ad.gt/v1/ 		99 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=632&sync=0&domain=www.gmanetwork.com&url=https://www.gmanetwork.com/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.gmanetwork.com%2F&ref=&_it=amazon&partner_id=632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c75b05bf2836d54cfdba76825b65d80ea4ee62cb0caae0425471f018c929d935

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
82aa5887fa1d4d40-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=632&sync=0&domain=www.gmanetwork.com&url=https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.gmanetwork.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
82aa588748e94d40-FRA
content-length
0
content-type
application/json
date
Thu, 23 Nov 2023 15:11:38 GMT
debug
OPTIONS block
expires
Fri, 22 Nov 2024 15:11:38 GMT
server
cloudflare
372.min.45109c7c.js
statics.dmcdn.net/c/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://statics.dmcdn.net/c/372.min.45109c7c.js
Requested by
Host: statics.dmcdn.net
URL: https://statics.dmcdn.net/c/dm-ce.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
/
Resource Hash
97005dd25cf70a636dc3cbbdf6b292ce3a83275dc375c313125aa845695a06d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
content-encoding
gzip
last-modified
Thu, 02 Nov 2023 03:56:52 GMT
age
14916
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1039
x-llid
72ee8bbe1a7190d9ed77c5cdf6ae8df5
expires
Sat, 23 Dec 2023 11:03:02 GMT
985.min.16ba738b.js
statics.dmcdn.net/c/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://statics.dmcdn.net/c/985.min.16ba738b.js
Requested by
Host: statics.dmcdn.net
URL: https://statics.dmcdn.net/c/dm-ce.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
/
Resource Hash
3632ce654783468fa2b5e1087f14b1b07ed4be55e2ba0a6e777926585fbb8522

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
content-encoding
gzip
last-modified
Thu, 02 Nov 2023 03:56:52 GMT
age
8111
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6225
x-llid
fe3efe7ec9e2ba3487846da3d3d3d793
expires
Sat, 23 Dec 2023 12:56:27 GMT
x480
s1.dmcdn.net/v/VQu1n1bNYaJ39drPh/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dmcdn.net/v/VQu1n1bNYaJ39drPh/x480
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/2 /
Resource Hash
4a1e0abfdb96853771278d05752b869eecfbde0af375368eb0e277dbaefba3de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
last-modified
Wed, 22 Nov 2023 16:16:18 GMT
server
DMS/2
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
server-timing
total;dur=2, dc;desc="ix7"
timing-allow-origin
*
access-control-allow-headers
Range
content-length
69650
expires
Thu, 23 Nov 2023 17:07:02 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.182.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-182-11.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
0a6c1e142e117d18911b8d227abe733249ec72783a0941e6e56bf79fbc9aa35d

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:38 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache
x-server
10.45.15.131
access-control-allow-credentials
true
content-length
60
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		565 B
311 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2603953397491756&correlator=2367028565371933&eid=31078016%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=344684475%2CPORTAL_Home_Desktop_Interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=5&didk=2048263906&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700752298165&lmt=1700752298&adxs=126&adys=49&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.gmanetwork.com%2F&vis=1&psz=1349x0&msz=0x0&fws=128&ohw=0&ga_vid=1264207553.1700752298&ga_sid=1700752298&ga_hid=885053129&ga_fc=true&dlt=1700752296380&idt=1596&prev_scp=site_id%3DGMA_Entertainment%26m_mv%3DslotWaiting%26m_gv%3DslotWaiting&cust_params=m_data%3Dwaiting%26m_safety%3Dwaiting%26m_categories%3Dwaiting%26m_mv%3Dwaiting%26m_gv%3Dwaiting%26amznbid%3D0%26amznp%3D0%26gs_cat%3Dgl_english%252Cgb_safe_from_high%252Cgs_busfin%252Cgt_mixed%252Cgb_spam_high_med%252Cgb_spam_high_med_low%252Cgt_negative_mistrust%252Cgs_tech%252Cgs_tech_compute%252Cgs_tech_compute_net%252Cgs_tech_compute_net_email%252Cgs_busfin_business_marketing%252Cgs_busfin_business%252Cgs_busfin_indus%252Cgs_busfin_indus_advertising%252Cgs_personalfin%252Cgs_personalfin_utility%252Cgs_personalfin_utility_phone%252Cgt_positive_pleasure&adks=3830817368&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddb235a94d689531eb689cc9376a5ee19377420568bab9bb87c0cbe7b9684eaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame F0CC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.gmanetwork.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 15:11:37 GMT
server
Kestrel
server-processing-duration-in-ticks
353432
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.gmanetwork.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.gmanetwork.com%2F&rid=esp&cc=1
85 B
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.gmanetwork.com%2F&rid=esp&cc=1
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
40d21780512932deeed493add99ab54d1f4b53f060e4ce614bfa14d14e3ec707

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-mV0poX6lKcAEJYgVT7zFMsfkvuo"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 23 Nov 2023 15:11:38 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.gmanetwork.com
location
/esp?url=https%3A%2F%2Fwww.gmanetwork.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
increment
id5-sync.com/api/esp/ 		0
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Thu, 23 Nov 2023 15:11:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
x240
s2.dmcdn.net/v/VQu1n1bNYaJ_l-m4e/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.dmcdn.net/v/VQu1n1bNYaJ_l-m4e/x240
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/2 /
Resource Hash
22cac75cf95f12d31b33168d11efa9931af175db7a994a7af469f8dfb83c7f71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
last-modified
Wed, 22 Nov 2023 16:15:15 GMT
server
DMS/2
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
server-timing
total;dur=0, dc;desc="dc3"
timing-allow-origin
*
access-control-allow-headers
Range
content-length
22909
expires
Thu, 23 Nov 2023 16:32:02 GMT
25x25
s1.dmcdn.net/u/5Rctc1bNskfvznlik/ 		933 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dmcdn.net/u/5Rctc1bNskfvznlik/25x25
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/2 /
Resource Hash
3092c5c539e2a234b373fb36f52d9603ed661ed03624ae899bfbccd6948f707a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
last-modified
Thu, 23 Nov 2023 15:11:38 GMT
server
DMS/2
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
server-timing
total;dur=29, dc;desc="dc3"
timing-allow-origin
*
access-control-allow-headers
Range
content-length
933
expires
Fri, 24 Nov 2023 15:11:38 GMT
x240
s2.dmcdn.net/v/VR6zW1bNoX0fuEtOG/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.dmcdn.net/v/VR6zW1bNoX0fuEtOG/x240
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/2 /
Resource Hash
356c81aca8049b789bc67499fc284bc7eea006e989fbb7351cdb812f1a24971e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
last-modified
Thu, 23 Nov 2023 10:24:09 GMT
server
DMS/2
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
server-timing
total;dur=1, dc;desc="ix7"
timing-allow-origin
*
access-control-allow-headers
Range
content-length
19653
expires
Fri, 24 Nov 2023 11:28:56 GMT
x240
s2.dmcdn.net/v/VQJ1y1bNTIbUZdCpa/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.dmcdn.net/v/VQJ1y1bNTIbUZdCpa/x240
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/2 /
Resource Hash
5d7cd8467d915e302c4e5e648ec8f471cb68a9a0fc9e881acebea2cdc27b7843

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
last-modified
Thu, 23 Nov 2023 10:16:46 GMT
server
DMS/2
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
server-timing
total;dur=2, dc;desc="dc3"
timing-allow-origin
*
access-control-allow-headers
Range
content-length
19865
expires
Fri, 24 Nov 2023 10:32:22 GMT
x240
s2.dmcdn.net/v/VQho_1bNm2FGm_BIG/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.dmcdn.net/v/VQho_1bNm2FGm_BIG/x240
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/2 /
Resource Hash
c56c33829d5499932d8ab2acbfcaa984cb7892e55cc4c78a25b788346d3da8b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
last-modified
Thu, 23 Nov 2023 07:34:41 GMT
server
DMS/2
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
server-timing
total;dur=1, dc;desc="dc3"
timing-allow-origin
*
access-control-allow-headers
Range
content-length
21540
expires
Fri, 24 Nov 2023 07:59:24 GMT
x240
s1.dmcdn.net/v/VQyXB1bNaVmMXMLUo/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dmcdn.net/v/VQyXB1bNaVmMXMLUo/x240
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/2 /
Resource Hash
4b3ca836bc65a026078313b6d5982c6320b4c9b6c606aed2a47e9a704642644c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
last-modified
Wed, 22 Nov 2023 18:27:03 GMT
server
DMS/2
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
server-timing
total;dur=2, dc;desc="dc3"
timing-allow-origin
*
access-control-allow-headers
Range
content-length
17413
expires
Thu, 23 Nov 2023 22:30:38 GMT
25x25
s2.dmcdn.net/u/5Rctc1bNskfvznlik/ 		933 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.dmcdn.net/u/5Rctc1bNskfvznlik/25x25
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/2 /
Resource Hash
3092c5c539e2a234b373fb36f52d9603ed661ed03624ae899bfbccd6948f707a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
last-modified
Thu, 23 Nov 2023 15:11:38 GMT
server
DMS/2
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
server-timing
total;dur=29, dc;desc="dc3"
timing-allow-origin
*
access-control-allow-headers
Range
content-length
933
expires
Fri, 24 Nov 2023 15:11:38 GMT
x240
s2.dmcdn.net/v/VQAKG1bN8-L5p_NL_/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.dmcdn.net/v/VQAKG1bN8-L5p_NL_/x240
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/2 /
Resource Hash
30371f414f5854dda8a468b66607dffb2bb98b3effb8d665e987b98bafe2648a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
last-modified
Wed, 22 Nov 2023 11:12:44 GMT
server
DMS/2
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
server-timing
total;dur=1, dc;desc="dc3"
timing-allow-origin
*
access-control-allow-headers
Range
content-length
22178
expires
Fri, 24 Nov 2023 07:33:41 GMT
x240
s2.dmcdn.net/v/VPr0U1bNBztjYAp-g/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.dmcdn.net/v/VPr0U1bNBztjYAp-g/x240
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/2 /
Resource Hash
e4e178267bfdc698323cbb5799803a9b5741c9ceeb398fa2c6ce364afdb906a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
last-modified
Wed, 22 Nov 2023 14:34:05 GMT
server
DMS/2
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
server-timing
total;dur=1, dc;desc="ix7"
timing-allow-origin
*
access-control-allow-headers
Range
content-length
15969
expires
Fri, 24 Nov 2023 11:00:37 GMT
x240
s1.dmcdn.net/v/VQUGT1bNmExNl58g4/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dmcdn.net/v/VQUGT1bNmExNl58g4/x240
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/2 /
Resource Hash
fde8f9126fb544ce3297062f2cf0745ccb437db2a8a7f87fab20d2f17a7a10ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
last-modified
Thu, 23 Nov 2023 07:48:24 GMT
server
DMS/2
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
server-timing
total;dur=1, dc;desc="dc3"
timing-allow-origin
*
access-control-allow-headers
Range
content-length
19883
expires
Fri, 24 Nov 2023 08:06:59 GMT
x240
s1.dmcdn.net/v/VQlI41bNNJ96tMFIH/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dmcdn.net/v/VQlI41bNNJ96tMFIH/x240
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/2 /
Resource Hash
a47d2e466e88d30d4bace81030eedee32b9a066ec9b3eb8e7cd77b714da38fe2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
last-modified
Thu, 23 Nov 2023 04:04:09 GMT
server
DMS/2
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
server-timing
total;dur=37, dc;desc="dc3"
timing-allow-origin
*
access-control-allow-headers
Range
content-length
23858
expires
Fri, 24 Nov 2023 04:03:45 GMT
x240
s1.dmcdn.net/v/VQu361bNToTvW8Svl/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dmcdn.net/v/VQu361bNToTvW8Svl/x240
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/2 /
Resource Hash
4e83341c098d5d3d2f449b411fef0e370d5bf3d4f808c1736bbb2b7fd8da267e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
last-modified
Wed, 22 Nov 2023 10:51:26 GMT
server
DMS/2
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
server-timing
total;dur=2, dc;desc="ix7"
timing-allow-origin
*
access-control-allow-headers
Range
content-length
23938
expires
Thu, 23 Nov 2023 15:33:26 GMT
x240
s2.dmcdn.net/v/VR5AM1bNk3e0LxMds/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.dmcdn.net/v/VR5AM1bNk3e0LxMds/x240
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/2 /
Resource Hash
17b442401ad3cb8ed66991683d396ae112344e15d057aa002c5f1f495b1f5d76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
last-modified
Thu, 23 Nov 2023 05:19:52 GMT
server
DMS/2
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
server-timing
total;dur=1, dc;desc="dc3"
timing-allow-origin
*
access-control-allow-headers
Range
content-length
30140
expires
Fri, 24 Nov 2023 07:59:00 GMT
x240
s1.dmcdn.net/v/VPevm1bMUPDUJHLm_/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dmcdn.net/v/VPevm1bMUPDUJHLm_/x240
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/2 /
Resource Hash
9d0101d9265d80d8eb438e61f6696ae78aac23db31b6d30f496ca833d147aaa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
last-modified
Wed, 22 Nov 2023 10:50:54 GMT
server
DMS/2
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
server-timing
total;dur=1, dc;desc="ix7"
timing-allow-origin
*
access-control-allow-headers
Range
content-length
18214
expires
Fri, 24 Nov 2023 05:25:26 GMT
x240
s1.dmcdn.net/v/VQX3z1bNfI-sWSn9L/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dmcdn.net/v/VQX3z1bNfI-sWSn9L/x240
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/2 /
Resource Hash
2f2ea80a183d9b09c9ebd006b2f77b7559344493bd0e98def0e20c2f28a7ff72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
last-modified
Wed, 22 Nov 2023 23:55:09 GMT
server
DMS/2
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
server-timing
total;dur=1, dc;desc="dc3"
timing-allow-origin
*
access-control-allow-headers
Range
content-length
22018
expires
Fri, 24 Nov 2023 01:06:31 GMT
x240
s1.dmcdn.net/v/VR5WH1bNn7z9nkRd6/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dmcdn.net/v/VR5WH1bNn7z9nkRd6/x240
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/2 /
Resource Hash
d9f921dedc80efa4e2d38ee93c64da3b3cd00b1956568e49876839071f6ccbac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
last-modified
Thu, 23 Nov 2023 08:50:47 GMT
server
DMS/2
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
server-timing
total;dur=2, dc;desc="dc3"
timing-allow-origin
*
access-control-allow-headers
Range
content-length
22746
expires
Fri, 24 Nov 2023 11:28:56 GMT
x240
s2.dmcdn.net/v/VQtG31bNX9_eQIyDy/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.dmcdn.net/v/VQtG31bNX9_eQIyDy/x240
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/2 /
Resource Hash
3f0f2e900aa679451647aa7e0928d9c9f4d874e932ee7a12bf8774bfd2013d6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
last-modified
Wed, 22 Nov 2023 20:18:13 GMT
server
DMS/2
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
server-timing
total;dur=126, dc;desc="dc3"
timing-allow-origin
*
access-control-allow-headers
Range
content-length
25712
expires
Thu, 23 Nov 2023 20:19:05 GMT
x240
s2.dmcdn.net/v/VQva61bNVNsylivWT/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.dmcdn.net/v/VQva61bNVNsylivWT/x240
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/2 /
Resource Hash
84e2167e77945cd0b8774945229d3bbd912247a9086435fe4396ee5364391f56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
last-modified
Wed, 22 Nov 2023 12:48:34 GMT
server
DMS/2
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
server-timing
total;dur=1, dc;desc="ix7"
timing-allow-origin
*
access-control-allow-headers
Range
content-length
23557
expires
Thu, 23 Nov 2023 23:25:15 GMT
fontello.woff2
aphrodite.gmanetwork.com/assets/revamp/fonts/icons/ 		14 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://aphrodite.gmanetwork.com/assets/revamp/fonts/icons/fontello.woff2
Requested by
Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/header_style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer

Response headers

x-amz-version-id
null
date
Thu, 23 Nov 2023 15:10:50 GMT
via
1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
56
x-cache
Hit from cloudfront
content-length
14692
last-modified
Thu, 10 Oct 2019 12:34:10 GMT
server
AmazonS3
etag
"f7d914c20b6df8faac5c74ee903a3f9b"
access-control-max-age
3000
access-control-allow-methods
GET, POST, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=120,public
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
g-7p4CjyRYbCH_dPi-d6QuicqnjnW7ahtKRBgDBbbHUxf4oPyeWiFA==
fontello.woff2
aphrodite.gmanetwork.com/assets/revamp/fonts/icons/ 		14 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://aphrodite.gmanetwork.com/assets/revamp/fonts/icons/fontello.woff2
Requested by
Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/header_style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer

Response headers

x-amz-version-id
null
date
Thu, 23 Nov 2023 15:10:50 GMT
via
1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
56
x-cache
Hit from cloudfront
content-length
14692
last-modified
Thu, 10 Oct 2019 12:34:10 GMT
server
AmazonS3
etag
"f7d914c20b6df8faac5c74ee903a3f9b"
access-control-max-age
3000
access-control-allow-methods
GET, POST, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=120,public
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
g-7p4CjyRYbCH_dPi-d6QuicqnjnW7ahtKRBgDBbbHUxf4oPyeWiFA==
map
bcp.crwdcntrl.net/6/ 		60 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.182.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-182-11.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
9cc2a0883f34de88a48068993117840b77720d075674c13718701ba72f4bd121

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:38 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache
x-server
10.45.31.50
access-control-allow-credentials
true
content-length
60
expires
0
sid
mug.criteo.com/ Frame F0CC
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=gmanetwork.com&sn=ChromeSyncframe&so=0&topUrl=www.gmanetwork.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=ExR-cXxEYmNpeDY4R1p6Q1pPVElPSDR0V3AvK2YvaVJxcWJROWY2VEdZS29KRjY3dmN1dnY3TUExMHdvTW12L1lmTkJIeGxsWm5LWU1DMXV3MSsvU1ZFNjI0Z3REY3h0QmY1Zjg2cUJVRHo0eG1pRlRXTWVMWUl3ZHNwSX...
428 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ExR-cXxEYmNpeDY4R1p6Q1pPVElPSDR0V3AvK2YvaVJxcWJROWY2VEdZS29KRjY3dmN1dnY3TUExMHdvTW12L1lmTkJIeGxsWm5LWU1DMXV3MSsvU1ZFNjI0Z3REY3h0QmY1Zjg2cUJVRHo0eG1pRlRXTWVMWUl3ZHNwSXVjamk2RjhFVzNyTE5nUDJXYzNTSUUxakh5WFZFaWtNamFBaE5YL0l5eFgvTTlhT0VXc3J2SVJnaG1zN3FMMXpJUFJGdUZBRjB1TG51U25aL0paM2xzclJNMTRNam1IMGNpRWZMSHVXZyt1OWgyR3NkMmlkaFVZT1ZjYjB5MWowc1hRS1FHMGM0NFIreWUvUE5tcUhjOStnMjAxdFVmbmtzczJTVFNYY0d4ZWFadUs3QUJQWT18&cppv=2
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
190bc3cfebd6701eacafa266419c022ed41c44929feba6fe1b6e28797cf41244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:37 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1187049
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=ExR-cXxEYmNpeDY4R1p6Q1pPVElPSDR0V3AvK2YvaVJxcWJROWY2VEdZS29KRjY3dmN1dnY3TUExMHdvTW12L1lmTkJIeGxsWm5LWU1DMXV3MSsvU1ZFNjI0Z3REY3h0QmY1Zjg2cUJVRHo0eG1pRlRXTWVMWUl3ZHNwSXVjamk2RjhFVzNyTE5nUDJXYzNTSUUxakh5WFZFaWtNamFBaE5YL0l5eFgvTTlhT0VXc3J2SVJnaG1zN3FMMXpJUFJGdUZBRjB1TG51U25aL0paM2xzclJNMTRNam1IMGNpRWZMSHVXZyt1OWgyR3NkMmlkaFVZT1ZjYjB5MWowc1hRS1FHMGM0NFIreWUvUE5tcUhjOStnMjAxdFVmbmtzczJTVFNYY0d4ZWFadUs3QUJQWT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
272171
content-length
0
expires
0
bframe
www.google.com/recaptcha/api2/ Frame 2EB1 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LeMXBkUAAAAADrrrFfGFPpuiQ8fmumFUu-Ndq6o
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c4365d6a32488177cb54ca675336e93c4c39820a478065dbca8092963cd4063f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2nHqIVCp3vYBxalnRdRfzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-2nHqIVCp3vYBxalnRdRfzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 15:11:38 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bframe
www.google.com/recaptcha/api2/ Frame 17F9 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LeMXBkUAAAAADrrrFfGFPpuiQ8fmumFUu-Ndq6o
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
de135524a2a2bb1da6ccccdc70fc5bb2bdeccb877049320162c7d5651277cd08
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-j_EWSqGH29cYqb68J6jCYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-j_EWSqGH29cYqb68J6jCYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 15:11:38 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.gmanetwork.com%2F&pid=wwMkmCU1zaxXd&cb=0&ws=1600x1200&v=23.1108.2350&t=3000&slots=%5B%7B%22sd%22%3A%22andbeyond9701%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F21751243814%2C344684475%2F179580-970-90-1%22%7D%5D&schain=1.0%2C1!andbeyond.media%2C11791%2C1%2C%2C%2C&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.138.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-138-185.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P4
x-amz-rid
DY0E3XA9NY6M7PVC3WAR
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
-dDFwKv1vwnrsiP2SPpPJ8TZ7zvHYRFA7oXA8RhTwvekH86W-AjSPQ==
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 6EFE 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 17 Nov 2023 02:37:57 GMT
age
563621
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 16 Nov 2024 02:37:57 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6EFE 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 18 Nov 2023 08:33:14 GMT
age
455904
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 17 Nov 2024 08:33:14 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6EFE 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 17 Nov 2023 03:53:12 GMT
age
559106
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 16 Nov 2024 03:53:12 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6EFE 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 17 Nov 2023 01:14:32 GMT
age
568626
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 16 Nov 2024 01:14:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6EFE 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 23 Nov 2023 14:54:32 GMT
age
1026
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 22 Nov 2024 14:54:32 GMT
css
fonts.googleapis.com/ Frame 6EFE 		6 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 Nov 2023 15:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 13:53:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Nov 2023 15:11:38 GMT
tl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6EFE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tl.png
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d6c9c33b0b8ba1499f96e39bfb68ed6b2885dfacdae7e8bc043124da0122748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 04:31:15 GMT
x-content-type-options
nosniff
server
cafe
age
38423
etag
11666942296230278411
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2782
x-xss-protection
0
expires
Fri, 24 Nov 2023 04:31:15 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6EFE 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 06:58:21 GMT
x-content-type-options
nosniff
server
cafe
age
29597
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 24 Nov 2023 06:58:21 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/16202042108482209831/ Frame 6EFE 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16202042108482209831/2076313506083323656
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81333edbc0c23216dff29ac67ff2950850592c91086d294731262193b54c55be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 01:18:05 GMT
x-content-type-options
nosniff
age
482013
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24094
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 16:02:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 17 Nov 2024 01:18:05 GMT
truncated
/ Frame 6EFE 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1c41eeff0ce4ab9dc984fbbf6c4db0a0affd73d03d47159d6b8e5f3de7e2212

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 6EFE 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee0302724c21fa61fe038088ebeeb2363f1036d92e3fff184426d835527be8c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
632
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/632?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.gmanetwork.com%2F&ref=&_it=amazon&partner_id=632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7da19bc4a3bf578f18da57a2ecce31f6c394bc89711b7c173c30e9d67cff27d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Thu, 23 Nov 2023 15:06:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
82aa588909de92b1-FRA
styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 2EB1 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LeMXBkUAAAAADrrrFfGFPpuiQ8fmumFUu-Ndq6o
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:17:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Nov 2024 13:17:57 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 2EB1 		468 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LeMXBkUAAAAADrrrFfGFPpuiQ8fmumFUu-Ndq6o
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 08:23:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24510
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192016
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Nov 2024 08:23:08 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 17F9 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LeMXBkUAAAAADrrrFfGFPpuiQ8fmumFUu-Ndq6o
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:17:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Nov 2024 13:17:57 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 17F9 		468 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LeMXBkUAAAAADrrrFfGFPpuiQ8fmumFUu-Ndq6o
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 08:23:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24510
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192016
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Nov 2024 08:23:08 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.gmanetwork.com%2F&pid=wwMkmCU1zaxXd&cb=1&ws=1600x1200&v=23.1108.2350&t=3000&slots=%5B%7B%22sd%22%3A%22andbeyond9702%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F21751243814%2C344684475%2F179580-970-90-2%22%7D%5D&schain=1.0%2C1!andbeyond.media%2C11791%2C1%2C%2C%2C&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.138.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-138-185.fra60.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P4
x-amz-rid
R0WP6P4HP9P4PYFR9GSZ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
38T528DcZD-fkJFklkC6tIg2HDZQactdgXYKbmF-ZzZNM78jPxZpXA==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.gmanetwork.com%2F&pid=wwMkmCU1zaxXd&cb=2&ws=1600x1200&v=23.1108.2350&t=3000&slots=%5B%7B%22sd%22%3A%22andbeyond3001%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21751243814%2C344684475%2F179580-300-250-1%22%7D%5D&schain=1.0%2C1!andbeyond.media%2C11791%2C1%2C%2C%2C&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.138.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-138-185.fra60.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P4
x-amz-rid
NVYZ5AW061XZGG0G262N
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
d6vk8q15nhuMGC1TcvQIhebz1J45CU1R-3FHJO5X4MdVjqAqfrSOYg==
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6EFE 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gmanetwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:39:21 GMT
x-content-type-options
nosniff
age
513137
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 16:39:21 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6EFE 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gmanetwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 15:22:55 GMT
x-content-type-options
nosniff
age
517723
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 15:22:55 GMT
tl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6EFE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tl.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d6c9c33b0b8ba1499f96e39bfb68ed6b2885dfacdae7e8bc043124da0122748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 04:31:15 GMT
x-content-type-options
nosniff
server
cafe
age
38423
etag
11666942296230278411
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2782
x-xss-protection
0
expires
Fri, 24 Nov 2023 04:31:15 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6EFE 		344 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 06:58:21 GMT
x-content-type-options
nosniff
server
cafe
age
29597
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 24 Nov 2023 06:58:21 GMT
wrapper.html
wrappers.geoedge.be/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:200:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

x-amz-version-id
gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
date
Thu, 23 Nov 2023 05:59:20 GMT
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 12:46:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
33138
etag
"4a6c546fe449447f2a620613c0655458"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
3121
x-amz-cf-id
BdkfUvDbuCZGUXy1zJ-NstQVPzxpLIxE5Jzbd2Xd_CycZsklhwIgPg==
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 15:11:38 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 06 Nov 2023 14:13:09 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
809094
ETag
W/"e90435520cec1363a82b67d8298d79a8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRNpF7NuwWampFjIn8LKcTodS9mKWB8R%2F2uYeAyXp80TcVXDd2WfLcgUtaUqvfFkhvnfXWBo%2B8tcB2OY0Ir4dB8%2BAfzLzkHeBKWuNM0fYUCm%2FixkhDMIvFlav3bhfrcBSKZDN30kAZmmUdAX"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
82aa588a1c7e4dbe-FRA
hbjson
grid.bidswitch.net/ 		23 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.74.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-74-214.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9cb88ade7bc4ef04c13f043eaaa2d355b5b5a45099ebb64d34b3db5b5dd8575f

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 15:11:38 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
prebid
prebid.media.net/rtb/ 		338 B
739 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUO7Q43N
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
2748099cb681bebb45d0fbc0ca7fa870fb8b830f41398af7fb7b9133387f80cb

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:38 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Nov 2023 15:11:38 GMT
bid-request
rtb.adpone.com/ 		778 B
933 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adpone.com/bid-request?pid=122102311271244
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1c3a75443c7717879309fe989393047db377fac18668cd72ea42e551e9f9145

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LQiIa%2FBEPjPDOZiFlkJMDTUUH1L8wfvo%2BVqY7pM1q%2BG9gVaaQPCUSp9wQgjaUkKO8x3KE9UpVPOTU6NZY4qJ4EqVRXG33AEfpG8mqZUARhFkNknMChlwFYUsA20jBLmoKNBYrEoTx2CouUp"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.gmanetwork.com
access-control-allow-credentials
true
cf-ray
82aa588a2f741ac7-FRA
c
prebid.a-mo.net/a/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Thu, 23 Nov 2023 15:11:38 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
112
server
envoy
vary
origin, Accept-Encoding
adjson
ads.betweendigital.com/ 		2 B
891 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		139 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
7d66d341c38f20fbebbec8f7528345208362d87e9782183e64fc29b5a0f655d2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:38 GMT
an-x-request-uuid
e4a52411-7488-4a22-90c6-38cf88eaff92
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.75; 45.141.152.75; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:38 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gmanetwork.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 23 Nov 2023 15:11:38 GMT
hbjson
grid.bidswitch.net/ 		24 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.74.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-74-214.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
52f19952a70a24721115979be298fd78ebd12372d88c63cc59e11788851d42ad

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 15:11:38 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
/
ghb.adtelligent.com/v2/auction/ 		121 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.170 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
89eedbbed5f6250bae17d20c99aeed287acc82e0e1dbf0a38c5e9c95b61ecdc9

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 15:11:41 GMT
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.gmanetwork.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
121
prebid
mp.4dex.io/ 		66 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2df93cdf82ecadb17fa1511e62333500fee1411eca884eb02d6ed77c2c1a339

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 23 Nov 2023 15:11:38 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 4 inventory rules not found for mediatype: banner and adUnitCode: andbeyond9701
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
82aa588a39b32beb-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		306 B
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=400198&zone_id=2242436&size_id=2&alt_size_ids=1%2C55&rp_schain=1.0,1!andbeyond.media,11791,1,,,&eid_pubcid.org=0eacd417-eadb-441c-968f-bb85b79ef499%5E1&rf=https%3A%2F%2Fwww.gmanetwork.com%2F&kw=GMA%2CGMANetwork%2CKapuso%2CKapusoNetwork%2CGMANetworkPortal%2CGMAOnline&tg_i.domain=gmanetwork.com&tg_i.page=https%3A%2F%2Fwww.gmanetwork.com%2F&tk_flint=rtbpbjs_lite_v7.54.5&x_source.tid=693d626a-4439-4e07-87f1-a253832131f2&l_pb_bid_id=220c4d4cdc0be08&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&x_imp.ext.tid=693d626a-4439-4e07-87f1-a253832131f2&rp_maxbids=1&slots=1&rand=0.3814300073573029
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6f0829f2cd5a9fe98cc6e0932b366289c3c2d18a30922bbea4ba8ef5af4f41d7

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:38 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
306
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
fbee24bd8f5937fc442c6f42f00fcf52564867098294efb1bbe94b9ee3c9bde7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:38 GMT
an-x-request-uuid
eca38637-b10e-491e-9b43-4b947b8f6e26
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.75; 45.141.152.75; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=3644283666&lsavail=1&bundle=AcNcvF9XSFdLOUZLRUIzOGZuODJadm5PcWV6aUJLWTNia1liSCUyRnY1NTJpZ2F6dk9pTVZubjVmZGo5b1c2OXg5QUhFaSUyRllWcUVhTTRBQUp4JTJGU2tOa2FvSUVDYVVyZ2N5bG80TUVtMXk2ZjFBZkhOc283ejFVeXBCZExOYWNzSFVhWjZCTkFGZUdNZGJQRmR4QWxJa0RFeTgzWUElM0QlM0Q
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a04134f4ff51064b1060088f4120279252bbebcf58da8a3e4dd6ae6eea0e29c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.gmanetwork.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
bid
ap.lijit.com/rtb/ 		94 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.5
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
23a3d4c274bac3901c9e42ef1e11f2ac3c757db85f4208c52adbd3c8fe65e802

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 15:11:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.gmanetwork.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
a4ba58bee2e4589e7c27a5117067681d0c2dfc24c833ff8f917cdb70eeea5854

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:11:38 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.gmanetwork.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1983
Expires
0
header
hb.aralego.com/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-34BA8D242267949417EEEB2DB6773AE&tdid=&schain=&eids=&pubcid=0eacd417-eadb-441c-968f-bb85b79ef499&u=https%3A%2F%2Fwww.gmanetwork.com%2F&host=www.gmanetwork.com&ucfUid=3d8ef28e-1e3b-458f-9e3b-708abe36dcca&w=970&h=90
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Thu, 23 Nov 2023 15:11:38 GMT
access-control-allow-credentials
true
connection
close
prebid-request
onetag-sys.com/ 		15 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.gmanetwork.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
prebid
ib.adnxs.com/ut/v3/ 		138 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
ebdf25c85a1276ef774df6b14d61248102a77caff988a4333cf13e16809176f5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:38 GMT
an-x-request-uuid
7205d496-4a56-4d5c-9b1a-ce5a923f8937
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.75; 45.141.152.75; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.74.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-74-214.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
41d1a034a8704ed9d1ee489d56bf3aeedcad74d89639b3066e752d3f3bdb519f

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 15:11:38 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebid
prebid.media.net/rtb/ 		338 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUO7Q43N
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
a521950f1948a200623213eab300c11f85e8c66c6ec3247f55e0ae4518c22411

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:38 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Nov 2023 15:11:38 GMT
bid-request
rtb.adpone.com/ 		779 B
738 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adpone.com/bid-request?pid=122102311271244
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3446423db0881ff4ca5f0719c3841fb4c0d1c4dfc266ad9e52e6e11bd2ee54f9

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HL%2B1gLDrtGs491179aSguL%2B7YPJaMmP9g85CZDm9WUWM7RNX2t0TtX806VucsTBobw%2F%2BhzcZ6n003yqv3R%2FuzeluR24fEXYiQGr7uVSXTdqUaQbhA%2B1Cipm4X1%2BQWHJVWI%2BjMbLsOEFhTSiY"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.gmanetwork.com
access-control-allow-credentials
true
cf-ray
82aa588a2f771ac7-FRA
c
prebid.a-mo.net/a/ 		0
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Thu, 23 Nov 2023 15:11:38 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
36
server
envoy
vary
origin, Accept-Encoding
adjson
ads.betweendigital.com/ 		2 B
890 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
32b6537fed624b948450256ad8523fc68f38591f175a5fdb916376e8d294866d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:38 GMT
content-encoding
gzip
an-x-request-uuid
cd4a5f5a-499b-4471-a750-82995957d0fc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.75; 45.141.152.75; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:38 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gmanetwork.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 23 Nov 2023 15:11:38 GMT
hbjson
grid.bidswitch.net/ 		23 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.74.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-74-214.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f1e952aa1aa6d8a0cebcf7188ad329c3f7d86fc42448c9b7f69c7d658f72d4bd

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 15:11:38 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
/
ghb1.adtelligent.com/v2/auction/ 		121 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.69.58 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
878793ac3ff669357282f8608542fbb5602c9f99fe40d310dee8ef34b9e51a62

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 15:11:38 GMT
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.gmanetwork.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
121
prebid
mp.4dex.io/ 		66 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2df93cdf82ecadb17fa1511e62333500fee1411eca884eb02d6ed77c2c1a339

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 23 Nov 2023 15:11:38 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 4 inventory rules not found for mediatype: banner and adUnitCode: andbeyond9702
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
82aa588a39b62beb-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		306 B
834 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=400198&zone_id=2242436&size_id=2&alt_size_ids=1%2C55&rp_schain=1.0,1!andbeyond.media,11791,1,,,&eid_pubcid.org=0eacd417-eadb-441c-968f-bb85b79ef499%5E1&rf=https%3A%2F%2Fwww.gmanetwork.com%2F&kw=GMA%2CGMANetwork%2CKapuso%2CKapusoNetwork%2CGMANetworkPortal%2CGMAOnline&tg_i.domain=gmanetwork.com&tg_i.page=https%3A%2F%2Fwww.gmanetwork.com%2F&tk_flint=rtbpbjs_lite_v7.54.5&x_source.tid=43487239-51d8-4673-a590-26b9fa4706f4&l_pb_bid_id=5921318365d2667&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&x_imp.ext.tid=43487239-51d8-4673-a590-26b9fa4706f4&rp_maxbids=1&slots=1&rand=0.6352974464495726
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1f7b3b3dac487e1556ad842acb496488eaa4404a74c22ff135ddb5dfaa15ee81

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:38 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
306
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
60f02d79244d0fadb7a683bc26e4a5600d42ab7d96b6f9fb345f2aac509d7f2b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:38 GMT
an-x-request-uuid
ff624b46-13cc-4ff6-89a6-77298a367426
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.75; 45.141.152.75; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=30631428173&lsavail=1&bundle=AcNcvF9XSFdLOUZLRUIzOGZuODJadm5PcWV6aUJLWTNia1liSCUyRnY1NTJpZ2F6dk9pTVZubjVmZGo5b1c2OXg5QUhFaSUyRllWcUVhTTRBQUp4JTJGU2tOa2FvSUVDYVVyZ2N5bG80TUVtMXk2ZjFBZkhOc283ejFVeXBCZExOYWNzSFVhWjZCTkFGZUdNZGJQRmR4QWxJa0RFeTgzWUElM0QlM0Q
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Thu, 23 Nov 2023 15:11:38 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid
ap.lijit.com/rtb/ 		93 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.5
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
605749e8dd778106d2fe76698d7070d4d49af283cb8539aebcc37336254587f3

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 15:11:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.gmanetwork.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
5c96361404b7bdbe55bad860d3a0b6f234cf627dab119b29cff3d7b3cfc1f719

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:11:38 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.gmanetwork.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1982
Expires
0
header
hb.aralego.com/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-34BA8D242267949417EEEB2DB6773AE&tdid=&schain=&eids=&pubcid=0eacd417-eadb-441c-968f-bb85b79ef499&u=https%3A%2F%2Fwww.gmanetwork.com%2F&host=www.gmanetwork.com&ucfUid=3d8ef28e-1e3b-458f-9e3b-708abe36dcca&w=970&h=90
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Thu, 23 Nov 2023 15:11:38 GMT
access-control-allow-credentials
true
connection
close
prebid-request
onetag-sys.com/ 		15 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.gmanetwork.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
prebid
ib.adnxs.com/ut/v3/ 		139 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
7f46af98ac174d5319325f9ad6bb934cecd962e22ed5ea15d010e70d2ab9e6cf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:38 GMT
an-x-request-uuid
d0f4cdf9-9726-4bb9-89af-138645d9c3e7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.75; 45.141.152.75; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 43D0 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 23 Nov 2023 15:11:38 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pes.pip.34eec0f1.js
static1.dmcdn.net/playerv5/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/pes.pip.34eec0f1.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/x3d09.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/1.0.42 /
Resource Hash
0ee83423c0a378adb7519826e6d567c2f3200312cba4e76191b5b259ad3d0844
Security Headers
Name Value
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31708800; includeSubDomains; preload
content-encoding
gzip
date
Thu, 23 Nov 2023 15:11:38 GMT
x-status
Hit from child
server-timing
total;dur=2, dc;desc="dc3"
content-length
3743
last-modified
Thu, 23 Nov 2023 09:12:34 GMT
server
DMS/1.0.42
etag
"655f1782-2e7f"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 09:14:14 GMT
/
pebed.dm-event.net/ 		15 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/x3d09.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain; charset=UTF-8

Response headers

Date
Thu, 23 Nov 2023 15:11:38 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
cookie.js
geo.dailymotion.com/ 		38 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.dailymotion.com/cookie.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/x3d09.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.8.215.137 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
lrpwww.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
407c0ea74212ba3a966ae1d7cf3c8ecf68e6071c8b6194fa830e4560ec13635b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Referrer-Policy
strict-origin-when-cross-origin
Date
Thu, 23 Nov 2023 15:11:38 GMT
Server
DMS/1.0.42
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Vary
X-DM-SSL
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache, no-store
Server-Timing
total;dur=7, dc;desc="dc3"
Connection
Keep-Alive
Timing-Allow-Origin
*
Keep-Alive
timeout=60, max=4996
Content-Length
38
adview
securepubads.g.doubleclick.net/pagead/ Frame 6EFE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C7_AoqmtfZZqrBIqRwuIPlIuL0AWVyL-sdPDb0M21EoSPjJeGDxABINqRgGtgleKQgqAHoAH-lMW2KcgBCakCzZ7FXaVTsj7gAgCoAwHIAwqqBLwCT9DaulmtfvWuhFtNS1hIEKcGl9OGMpSjI22O0yfXV1Fv0CmJyh2t6d34Fe1E0nwQrrtai0a0Uzl4jKp-KH5A-CstNbik7CSVvAoOASl8Suh1VsZVWZRAdo3-q-_x4kCFIdnEJLeZJWlcml4rIUdpf89clryBwyDFK_mklpy0ZvL6myAmM_M-aDm9semUi-vou_bZsMJe03rWgOJ6qnsT0IKINqyElyMLO55J3dlPOPsONCw3LapiD2aQh5Bca5jlA5r2iMBSouE67IN-U9FIksa_fAHodcSG_5_CRsO111d7P1t49gvPBUgEGDSYG0vR5P58DBlg4QXtsUCz_XQYKdX8wIK8m6GfHp41HODwgScTQ96gYdLStRHl-tkN1JOvrUWSRoeSw3tnOGoX8nKPwKWIDrp6ZDXV6VAs9MAE_9XkwtEE4AQBiAWPq66vTZIFBAgEGAGSBQQIBRgEoAYugAf-zJWWBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEELeOA9IIFgiA4YBwEAEYHTIC6wI6AoBASL39wTqaCbkBaHR0cHM6Ly9kZS50b3Bpb3ouY29tL2Rzcj9xPWRpZ2l0YWwlMjBtYXJrZXRpbmclMjBlbWFpbCUyMGNhbXBhaWducyZhc2lkPXRwel9jaDEwJmRlPWMmcmFjPWRpZ2l0YWwlMjBtYXJrZXRpbmclMjBlbWFpbCUyMGNhbXBhaWducyZzY2xpZD0wLTI0MDY5LXBsY193d3cuZ21hbmV0d29yay5jb20tbG9jXzEwMDQzNjMtZGV2X2OACgPICwGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7EC4g0TCJ-ezoS02oIDFYqIUAYdlMUCWrgT5APYEwzQFQGAFwGyFx4KHAgAEhRwdWItMzk4ODY2Mjk4NTQ3MTg3Nxjj1Sc&sigh=lxlJbefHnUI&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgDICaaNIlEsL3PCF5p-lgNXcM2xhOcCPeSWfbk30oUnXcBS2AZPEZA54sD8MBicL8zXcw5nlpN31tBK0vxvcOD0hjIgjmZfa08Hj-kdoRgB&template_id=484&cbvp=2
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
jquery.lazyload.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1244679
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1120
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-d35"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alNVC2ievujcHxD4oX8AY%2FuF%2FT7mzqJrVb10oYZ6pu%2B93pjHlLbOqXKJ1THeVe3vEvbV5EzoN%2BVN6iGjgZM6PJ15rKAnE%2FF3SD9DN0iGBZ2XPRvUdLtDb3oWCQ8GYwXZFdOzHOdDPa4osVEBtj3uPZTo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82aa588a99181c36-FRA
expires
Tue, 12 Nov 2024 15:11:38 GMT
gnoadscript.js
images.gmanews.tv/res/js/ 		36 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanews.tv/res/js/gnoadscript.js
Requested by
Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/js/src/widgets/interstitial.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-36.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
869a589a48cc6c4b630a9d54e98995b084bf88d8bb0774f09e31455ae1517d17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:39 GMT
content-encoding
gzip
via
1.1 1ed131e2ff13a9b8852067b4dfb6f2dc.cloudfront.net (CloudFront)
last-modified
Mon, 14 Nov 2022 09:47:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
etag
W/"5e24ecf586e9542193f3852995e6bbdb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120
x-amz-cf-id
zA5lPpZdMWpeHx7eohCEcfMLrnhbkpbMtn_EVm_VJp60F-SlWof3Kg==
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		129 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63af22e1c5c589f8c9cd306d5f183af391b4dbb7487aaf28211499473d234b6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
content-encoding
gzip
last-modified
Thu, 23 Nov 2023 15:05:43 GMT
server
cloudflare
age
0
etag
W/"4be8d056f55a034b76b65e3e1ba3c0ea326c82bc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
82aa588acb9a361d-FRA
adagio.js
script.4dex.io/ 		77 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61496aa1a9c3d26cfc292b41fc451a597a47468117c1fb258226a57296390433

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 15:11:38 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1406517
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 06 Nov 2023 14:13:08 GMT
Server
cloudflare
ETag
W/"ccc354615ffb5b4afd96268bab4a6502"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HeShgJEQ07Pq00abkWObgsaTnihAONJ%2FRTd7QcHfg3Y%2BCrDPb2YpXi9GJN9SA%2FlQA2L8DjViHKBena3at4kdMCh2LBBP780iKhEzBpme1NGon9%2BTj1MeBayDVeBsRGr4FSZyaxA%2FS2O8n3Mn"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
82aa588abd475d67-FRA
x3d09.html
geo.dailymotion.com/player/ Frame 9F29 		65 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://geo.dailymotion.com/player/x3d09.html?video=x8puf01&customConfig[customParams]=dm_position%3Dmainrecowidget&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/x3d09.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.8.215.137 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
lrpwww.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
40d3e417b9b04c92bd705bcb20c234420ea1c81a4cff83afc33033d080233cc3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
21505
Content-Security-Policy
upgrade-insecure-requests
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Content-Type
text/html; charset=utf-8
Date
Thu, 23 Nov 2023 15:11:38 GMT
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Keep-Alive
timeout=60, max=4973
Referrer-Policy
strict-origin-when-cross-origin
Server
DMS/1.0.42
Server-Timing
total;dur=19, dc;desc="dc3"
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Timing-Allow-Origin
*
Vary
X-DM-SSL,Accept-Encoding
dmp.infopack.45cd87b822a902fefa88.js
static1.dmcdn.net/playerv5/ Frame 9F29 		55 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.infopack.45cd87b822a902fefa88.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x3d09.html?video=x8puf01&customConfig[customParams]=dm_position%3Dmainrecowidget&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/1.0.42 /
Resource Hash
33342f4dc05d8d78b73a556268c204b766a15f85e04324801c6cb418bf9e2a75
Security Headers
Name Value
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31708800; includeSubDomains; preload
content-encoding
gzip
date
Thu, 23 Nov 2023 15:11:38 GMT
x-status
Hit from child
server-timing
total;dur=2, dc;desc="ix7"
content-length
14332
last-modified
Wed, 15 Nov 2023 14:40:30 GMT
server
DMS/1.0.42
etag
"6554d85e-daad"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 14:42:34 GMT
dmp.jq_flight.1d9782312a093aadb89f.js
static1.dmcdn.net/playerv5/ Frame 9F29 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.jq_flight.1d9782312a093aadb89f.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x3d09.html?video=x8puf01&customConfig[customParams]=dm_position%3Dmainrecowidget&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/1.0.42 /
Resource Hash
5e24b61f7ae7a4e552208ab7eb54601da5fd5af5a24a5cf542839398a33a9630
Security Headers
Name Value
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31708800; includeSubDomains; preload
content-encoding
gzip
date
Thu, 23 Nov 2023 15:11:38 GMT
x-status
Hit from child
server-timing
total;dur=1, dc;desc="dc3"
content-length
14936
last-modified
Tue, 07 Nov 2023 08:35:10 GMT
server
DMS/1.0.42
etag
"6549f6be-a5e2"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Dec 2023 08:47:23 GMT
dmp.photon_vendor.3ce7557f0c4e78d46b63.js
static1.dmcdn.net/playerv5/ Frame 9F29 		321 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.photon_vendor.3ce7557f0c4e78d46b63.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x3d09.html?video=x8puf01&customConfig[customParams]=dm_position%3Dmainrecowidget&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/1.0.42 /
Resource Hash
45986891113c4ae3780f4974cd3facaf0146bf46605c1b9ef525896d75fa6aaa
Security Headers
Name Value
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31708800; includeSubDomains; preload
content-encoding
gzip
date
Thu, 23 Nov 2023 15:11:38 GMT
last-modified
Thu, 16 Nov 2023 09:48:32 GMT
server
DMS/1.0.42
etag
"6555e570-503f9"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-status
Hit from child
server-timing
total;dur=1, dc;desc="ix7"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Dec 2023 09:50:51 GMT
dmp.photon_boot.cb9aa0d3f45a51d1596a.js
static1.dmcdn.net/playerv5/ Frame 9F29 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.photon_boot.cb9aa0d3f45a51d1596a.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x3d09.html?video=x8puf01&customConfig[customParams]=dm_position%3Dmainrecowidget&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/1.0.42 /
Resource Hash
476d80c2092cb216c73ec1efe55ad2b16d88911c0d05d6a2545205b38a757528
Security Headers
Name Value
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31708800; includeSubDomains; preload
content-encoding
gzip
date
Thu, 23 Nov 2023 15:11:38 GMT
x-status
Hit from child
server-timing
total;dur=1, dc;desc="dc3"
content-length
39097
last-modified
Thu, 23 Nov 2023 09:12:27 GMT
server
DMS/1.0.42
etag
"655f177b-1e4cc"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 09:14:44 GMT
dmp.photon_app.d23ef0310ac6950f972a.js
static1.dmcdn.net/playerv5/ Frame 9F29 		167 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.photon_app.d23ef0310ac6950f972a.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x3d09.html?video=x8puf01&customConfig[customParams]=dm_position%3Dmainrecowidget&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/1.0.42 /
Resource Hash
77b8ee6b3a8442b681e4bacb27c4fc82ad87c5953b8497700507bf3be7c6a26b
Security Headers
Name Value
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31708800; includeSubDomains; preload
content-encoding
gzip
date
Thu, 23 Nov 2023 15:11:38 GMT
last-modified
Thu, 23 Nov 2023 09:12:27 GMT
server
DMS/1.0.42
etag
"655f177b-29d99"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-status
Hit from child
server-timing
total;dur=2, dc;desc="ix7"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 09:13:54 GMT
dmp.photon_player.ab7c06b86596301a2464.js
static1.dmcdn.net/playerv5/ Frame 9F29 		68 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.photon_player.ab7c06b86596301a2464.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x3d09.html?video=x8puf01&customConfig[customParams]=dm_position%3Dmainrecowidget&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/1.0.42 /
Resource Hash
fa2f2c409ec8c3790f3a2824ff3644873de9ca6700b7b3add056837bb677ee9f
Security Headers
Name Value
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31708800; includeSubDomains; preload
content-encoding
gzip
date
Thu, 23 Nov 2023 15:11:38 GMT
x-status
Hit from child
server-timing
total;dur=2, dc;desc="dc3"
content-length
19831
last-modified
Wed, 22 Nov 2023 09:39:21 GMT
server
DMS/1.0.42
etag
"655dcc49-10e8e"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 09:41:07 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 9F29 		365 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x3d09.html?video=x8puf01&customConfig[customParams]=dm_position%3Dmainrecowidget&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128094
x-xss-protection
0
expires
Thu, 23 Nov 2023 15:11:38 GMT
dmp.advertising.dc5bca3ee760035212cb.js
static1.dmcdn.net/playerv5/ Frame 9F29 		182 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.advertising.dc5bca3ee760035212cb.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x3d09.html?video=x8puf01&customConfig[customParams]=dm_position%3Dmainrecowidget&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/1.0.42 /
Resource Hash
d8511cc0f5888a6bb21a72ca35fcb8828d354b14b67aaf385de7b322f3842097
Security Headers
Name Value
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31708800; includeSubDomains; preload
content-encoding
gzip
date
Thu, 23 Nov 2023 15:11:38 GMT
last-modified
Wed, 22 Nov 2023 14:22:51 GMT
server
DMS/1.0.42
etag
"655e0ebb-2d7e8"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-status
Hit from child
server-timing
total;dur=1, dc;desc="ix7"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 14:24:40 GMT
dmp.locale-en-US.7ea9e0789b5df615c7aa.json
static1.dmcdn.net/playerv5/ Frame 9F29 		2 KB
902 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.locale-en-US.7ea9e0789b5df615c7aa.json
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x3d09.html?video=x8puf01&customConfig[customParams]=dm_position%3Dmainrecowidget&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-23.deploy.static.akamaitechnologies.com
Software
DMS/1.0.42 /
Resource Hash
fe5a5f3469030993701e2cb0c63a1a66b1a3d59f87d35a5fc0fb0503fb534cd4
Security Headers
Name Value
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31708800; includeSubDomains; preload
content-encoding
gzip
date
Thu, 23 Nov 2023 15:11:38 GMT
x-status
Hit from child
server-timing
total;dur=1, dc;desc="dc3"
content-length
609
last-modified
Tue, 07 Nov 2023 08:35:15 GMT
server
DMS/1.0.42
etag
"6549f6c3-7fa"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Dec 2023 08:46:32 GMT
/
pebed.dm-event.net/ Frame 9F29 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x3d09.html?video=x8puf01&customConfig[customParams]=dm_position%3Dmainrecowidget&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://geo.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Thu, 23 Nov 2023 15:11:38 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
/
pebed.dm-event.net/ Frame 9F29 		15 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x3d09.html?video=x8puf01&customConfig[customParams]=dm_position%3Dmainrecowidget&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://geo.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain; charset=UTF-8

Response headers

Date
Thu, 23 Nov 2023 15:11:38 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
/
pebed.dm-event.net/ Frame 9F29 		15 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x3d09.html?video=x8puf01&customConfig[customParams]=dm_position%3Dmainrecowidget&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://geo.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain; charset=UTF-8

Response headers

Date
Thu, 23 Nov 2023 15:11:38 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
x8puf01
www.dailymotion.com/player/metadata/video/ Frame 9F29 		9 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dailymotion.com/player/metadata/video/x8puf01?embedder=https%3A%2F%2Fwww.gmanetwork.com%2F&geo=1&player-id=x3d09&locale=en-US&dmV1st=D0304F0A02FBDBF9C5AB5273DBE9567B&dmTs=387135&is_native_app=0&customConfig[customParams]=dm_position%3Dmainrecowidget
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x3d09.html?video=x8puf01&customConfig[customParams]=dm_position%3Dmainrecowidget&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
cb5044d90e4cd2c38ec38509ff1aa130c55af37d772fab51d5d95acf3c6bc7c4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Date
Thu, 23 Nov 2023 15:11:38 GMT
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing
total;dur=150, dc;desc="dc3"
Content-Length
5362
Referrer-Policy
strict-origin-when-cross-origin
Server
DMS/1.0.42
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary
X-DM-SSL,Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://geo.dailymotion.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Authorization
hbjson
grid.bidswitch.net/ 		24 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.74.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-74-214.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3b4973355c796a000684013979c175e9e88f3412a3b9827207feac90a7fddcac

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 15:11:38 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebid
prebid.media.net/rtb/ 		338 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUO7Q43N
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
fba89eddca34e14d291ac3a77e1b5389505c3d69e227f0ccb41bc5c4de82d534

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:38 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Nov 2023 15:11:38 GMT
bid-request
rtb.adpone.com/ 		812 B
746 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adpone.com/bid-request?pid=122102311271244
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
483cdb6694196232fa95ccfda0a24777b3f6c9349b20dc3ce304f447c24ebee7

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmdCZPSVMxu8DRPQswdfTW93SXSKLoO8jpmMEMCTMryT0u8ExUQmFPyX%2BLrQMivC3RyaIftuT3t4wW9t7Ny8vgokBxIzJeirHTmCYIBkjrFOXjsZOZWTgckVRhB7SI6reXsf3TiY4hIp4SK%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.gmanetwork.com
access-control-allow-credentials
true
cf-ray
82aa588b08c91ac7-FRA
c
prebid.a-mo.net/a/ 		0
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Thu, 23 Nov 2023 15:11:37 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
13
server
envoy
vary
origin, Accept-Encoding
adjson
ads.betweendigital.com/ 		2 B
890 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		139 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e47b5e67ce5170d91fc57ccbd60e052a6741194d49b71054f8f8fc9d3303bb4f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:38 GMT
an-x-request-uuid
da7f9e8b-8aa4-45e7-9c55-ed4f0ae0cf95
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.75; 45.141.152.75; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid-request
a.teads.tv/hb/ 		414 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a18592f41ad4b992e4381c88220d5061c2ef48ebac2879d9f5b3eb5bf511b298

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:38 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gmanetwork.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
305
expires
Thu, 23 Nov 2023 15:11:38 GMT
hbjson
grid.bidswitch.net/ 		24 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.74.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-74-214.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
eca568615603f6bba0028753fe59c0143db623292b810b05a032997ff754c8b4

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 15:11:38 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
/
ghb2.adtelligent.com/v2/auction/ 		121 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb2.adtelligent.com/v2/auction/
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
321460fc9c30854363bc21dee928ac165b36e0f465f50c888f5c576c696c15b3

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 15:11:38 GMT
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.gmanetwork.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
121
prebid
mp.4dex.io/ 		66 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2df93cdf82ecadb17fa1511e62333500fee1411eca884eb02d6ed77c2c1a339

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 23 Nov 2023 15:11:38 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: andbeyond3001
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
82aa588b0afa2beb-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		306 B
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=400198&zone_id=2242416&size_id=15&alt_size_ids=13%2C13%2C14&rp_schain=1.0,1!andbeyond.media,11791,1,,,&eid_pubcid.org=0eacd417-eadb-441c-968f-bb85b79ef499%5E1&rf=https%3A%2F%2Fwww.gmanetwork.com%2F&kw=GMA%2CGMANetwork%2CKapuso%2CKapusoNetwork%2CGMANetworkPortal%2CGMAOnline&tg_i.domain=gmanetwork.com&tg_i.page=https%3A%2F%2Fwww.gmanetwork.com%2F&tk_flint=rtbpbjs_lite_v7.54.5&x_source.tid=3b21b950-e6b9-4e4f-a832-7b32d83c8cb0&l_pb_bid_id=96f27783b2d6de3&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&x_imp.ext.tid=3b21b950-e6b9-4e4f-a832-7b32d83c8cb0&rp_maxbids=1&slots=1&rand=0.501041955921165
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
fb02378f75830c5ad77dd9ecf08ca1d4a6a244e28ff2b39f8d33fbe3af78ff2f

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:38 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
306
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		138 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
7ac163dd308e4cffb0524b156b8706b12395d3b859673c1bf3eca99ce8206af4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:38 GMT
an-x-request-uuid
2533dc27-31fd-4c2f-bb1d-bbe0ce6023a5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.75; 45.141.152.75; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=24586382163&lsavail=1&bundle=AcNcvF9XSFdLOUZLRUIzOGZuODJadm5PcWV6aUJLWTNia1liSCUyRnY1NTJpZ2F6dk9pTVZubjVmZGo5b1c2OXg5QUhFaSUyRllWcUVhTTRBQUp4JTJGU2tOa2FvSUVDYVVyZ2N5bG80TUVtMXk2ZjFBZkhOc283ejFVeXBCZExOYWNzSFVhWjZCTkFGZUdNZGJQRmR4QWxJa0RFeTgzWUElM0QlM0Q
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0a1640f41c6d768a670e8ff4cb9b0189b8e0267d2d96b76906db53cd358cd0a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 15:11:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.gmanetwork.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
bid
ap.lijit.com/rtb/ 		95 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.5
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
d71bed966dc37c0287eaf68902ebea8eb44f104cb8c288866694769555844f22

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 15:11:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.gmanetwork.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
8eaa3b3ac2b1d6e12669a67f3a8aeaf668ef71ca9b503654ce72e08d55d32e37

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:11:38 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.gmanetwork.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1983
Expires
0
header
hb.aralego.com/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-E2B649E2ED2D29E8FE284DD84882836&tdid=&schain=&eids=&pubcid=0eacd417-eadb-441c-968f-bb85b79ef499&u=https%3A%2F%2Fwww.gmanetwork.com%2F&host=www.gmanetwork.com&ucfUid=3d8ef28e-1e3b-458f-9e3b-708abe36dcca&w=300&h=250
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Thu, 23 Nov 2023 15:11:38 GMT
access-control-allow-credentials
true
connection
close
prebid-request
onetag-sys.com/ 		15 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.gmanetwork.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
prebid
ib.adnxs.com/ut/v3/ 		140 B
822 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
d111646fd38b94952eee0ad35c5d980e1f7001b68233606077280771b1963bbf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:38 GMT
an-x-request-uuid
01f7fd5d-ed48-4548-8dc5-d7759e94c840
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.75; 45.141.152.75; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.gmanetwork.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 23 Nov 2023 15:11:38 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vendor-list-v204.json
vendorlist.dmcdn.net/v2/archives/ Frame 9F29 		418 KB
55 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vendorlist.dmcdn.net/v2/archives/vendor-list-v204.json
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.infopack.45cd87b822a902fefa88.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
AmazonS3 /
Resource Hash
b0978fb0412437ad74f3482f09b3c0084254e06ca8a3956467c7a388746ab840

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
GSRcJmcaUJWitICBWr9S2xwSG6ODE9pk
content-encoding
gzip
via
1.1 12106f573f4d659c0533de0d7a9042c0.cloudfront.net (CloudFront)
date
Thu, 23 Nov 2023 15:11:38 GMT
x-amz-cf-pop
CDG52-P1
age
519629
x-amz-server-side-encryption
AES256
content-length
56075
last-modified
Thu, 29 Jun 2023 16:05:24 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
x-ip-address
178.79.244.22
x-amz-cf-id
AS-92Brrg2LZFvwLBWnJe3w_riHrbfs6PNqXWLCXiVIDbu6f_bcpYQ==
x-llid
407954a518ce09cabc5ad835b879ab29
expires
Fri, 24 Nov 2023 14:51:09 GMT
vendor-list-v25.json
vendorlist.dmcdn.net/v3/archives/ Frame 9F29 		530 KB
66 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vendorlist.dmcdn.net/v3/archives/vendor-list-v25.json
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.infopack.45cd87b822a902fefa88.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
AmazonS3 /
Resource Hash
61c3f279c024c4b28081fb6bda43f4e25dd8e7d9efbe3ade1d4ee0b188f88e79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
tKdlwoOnw_GuFP84h.C9QwQb.UKCEEKj
content-encoding
gzip
via
1.1 bfd596aba0de57f83442d2ebd6b268f4.cloudfront.net (CloudFront)
date
Thu, 23 Nov 2023 15:11:38 GMT
x-amz-cf-pop
CDG52-P1
age
598488
x-amz-server-side-encryption
AES256
content-length
66845
last-modified
Thu, 02 Nov 2023 16:07:35 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
x-ip-address
178.79.244.22
x-amz-cf-id
PY5CzDH0mlCkeKe500t6-BkouJsdHavoJCFcjwtjNusaBqqTZBkuaA==
x-llid
b27f61fbe7ab3e59d67396b5a4215667
expires
Thu, 23 Nov 2023 16:56:50 GMT
/
pebed.dm-event.net/ Frame 9F29 		15 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x3d09.html?video=x8puf01&customConfig[customParams]=dm_position%3Dmainrecowidget&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://geo.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain; charset=UTF-8

Response headers

Date
Thu, 23 Nov 2023 15:11:38 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
dmp.quality_switch_mse.6a13042003b6018133af.js
static1.dmcdn.net/playerv5/ Frame 9F29 		388 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.quality_switch_mse.6a13042003b6018133af.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x3d09.html?video=x8puf01&customConfig[customParams]=dm_position%3Dmainrecowidget&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/1.0.42 /
Resource Hash
041e8c6602095e4f4dbe24c0788a7fe211cfa6b9b515dfa35eef1e00b5bdb875
Security Headers
Name Value
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31708800; includeSubDomains; preload
content-encoding
gzip
date
Thu, 23 Nov 2023 15:11:38 GMT
last-modified
Wed, 08 Nov 2023 13:06:05 GMT
server
DMS/1.0.42
etag
"654b87bd-61136"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-status
Hit from child
server-timing
total;dur=0, dc;desc="dc3"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 13:07:35 GMT
latencies.js
speedtest.dailymotion.com/ Frame 9F29 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://speedtest.dailymotion.com/latencies.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_app.d23ef0310ac6950f972a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.91 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
st.dc3.dailymotion.com
Software
/
Resource Hash
72b2181e58d5c45800d66d36702794ca5ae5bf1fbc20f106442b7eac3191a623

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 15:11:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Sep 2020 07:44:45 GMT
Content-Type
application/javascript
Cache-Control
max-age=21600, public
Accept-Ranges
bytes
Content-Length
2041
Expires
Thu, 23 Nov 2023 21:11:39 GMT
/
pebed.dm-event.net/ Frame 9F29 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_vendor.3ce7557f0c4e78d46b63.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept
application/json, text/plain, */*
Referer
https://geo.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Thu, 23 Nov 2023 15:11:38 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
dmp.omweb.d252f0b4c506271f4ce7.js
static1.dmcdn.net/playerv5/ Frame 9F29 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.omweb.d252f0b4c506271f4ce7.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x3d09.html?video=x8puf01&customConfig[customParams]=dm_position%3Dmainrecowidget&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/1.0.42 /
Resource Hash
c9f581d340bfc6744ba2045f76253c9cf32ea544ed3f777cc9f4f53e81e9e858
Security Headers
Name Value
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31708800; includeSubDomains; preload
content-encoding
gzip
date
Thu, 23 Nov 2023 15:11:38 GMT
x-status
Hit from child
server-timing
total;dur=1, dc;desc="ix7"
content-length
13924
last-modified
Tue, 07 Nov 2023 08:35:02 GMT
server
DMS/1.0.42
etag
"6549f6b6-a187"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Dec 2023 08:41:16 GMT
dmp.omid_session_client.b1d60b053fa0dabbdda9.js
static1.dmcdn.net/playerv5/ Frame 9F29 		68 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.omid_session_client.b1d60b053fa0dabbdda9.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x3d09.html?video=x8puf01&customConfig[customParams]=dm_position%3Dmainrecowidget&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/1.0.42 /
Resource Hash
e51bf4a5da89c223a83617078b466770b1e4d590f2430e74de39ce765762c840
Security Headers
Name Value
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31708800; includeSubDomains; preload
content-encoding
gzip
date
Thu, 23 Nov 2023 15:11:38 GMT
x-status
Hit from child
server-timing
total;dur=0, dc;desc="dc3"
content-length
13417
last-modified
Tue, 07 Nov 2023 08:35:02 GMT
server
DMS/1.0.42
etag
"6549f6b6-11010"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Dec 2023 08:47:37 GMT
ABCFavorit-Medium.woff2
static1.dmcdn.net/ Frame 9F29 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/ABCFavorit-Medium.woff2
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-23.deploy.static.akamaitechnologies.com
Software
DMS/1.0.42 /
Resource Hash
2d7e04f93797dca868560733bfe7342aabd013ae8bba52073a35bc5fd99e830b
Security Headers
Name Value
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

Referer
https://geo.dailymotion.com/
Origin
https://geo.dailymotion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31708800; includeSubDomains; preload
date
Thu, 23 Nov 2023 15:11:38 GMT
last-modified
Thu, 20 Jul 2023 12:37:15 GMT
server
DMS/1.0.42
etag
"64b92a7b-ce44"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
x-status
Hit from child
server-timing
total;dur=1, dc;desc="dc3"
accept-ranges
bytes
timing-allow-origin
*
content-length
52804
expires
Fri, 08 Dec 2023 23:33:28 GMT
ABCFavorit-Regular.woff2
static1.dmcdn.net/ Frame 9F29 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/ABCFavorit-Regular.woff2
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-23.deploy.static.akamaitechnologies.com
Software
DMS/1.0.42 /
Resource Hash
cae765e89c38588186de4b36811acb8e873a674a2ca9223dca8fb391a012082b
Security Headers
Name Value
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

Referer
https://geo.dailymotion.com/
Origin
https://geo.dailymotion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31708800; includeSubDomains; preload
date
Thu, 23 Nov 2023 15:11:38 GMT
last-modified
Thu, 20 Jul 2023 12:31:02 GMT
server
DMS/1.0.42
etag
"64b92906-c320"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
x-status
Hit from child
server-timing
total;dur=1, dc;desc="dc3"
accept-ranges
bytes
timing-allow-origin
*
content-length
49952
expires
Thu, 07 Dec 2023 08:47:52 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 41DA 		365 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.advertising.dc5bca3ee760035212cb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128094
x-xss-protection
0
expires
Thu, 23 Nov 2023 15:11:38 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 9F29 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_app.d23ef0310ac6950f972a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 15:11:39 GMT
oshk0
traid.jixie.io/sync/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/sync/oshk0?osEId=GM29180G0dns
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/onescript/GM180iIHc4/jx-GM29180G0dns.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.129.34.52 Jakarta, Indonesia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; include Subdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:39 GMT
content-security-policy
default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; include Subdomains; preload
vary
Origin
x-frame-options
Deny
access-control-allow-origin
undefined
access-control-allow-credentials
true
x-xss-protection
1
jxpublisher_3_1.nnb.min.js
scripts.jixie.media/ 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.jixie.media/jxpublisher_3_1.nnb.min.js
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/onescript/GM180iIHc4/jx-GM29180G0dns.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.91.74.174 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
1378e86ced6c37842e92afb9989ae0142b2f0b31c6978c8d5fd0193a28a4cb0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

nginx-hit
1
date
Thu, 23 Nov 2023 15:11:39 GMT
x-amz-version-id
1VMI30BwwFU_k.O17rCrghnYj2tyRhRK
via
LA-MEX-queretaro-EDGE1-CACHE3[2],LA-MEX-queretaro-EDGE1-CACHE1[0,TCP_HIT,0],LA-MEX-mexicocity-GLOBAL1-CACHE18[493],LA-MEX-mexicocity-GLOBAL1-CACHE31[267,TCP_MISS,491],EA-SGP-GLOBAL1-CACHE16[3],EA-SGP-GLOBAL1-CACHE8[0,TCP_HIT,1]
x-ccdn-cachettl
2592000
content-encoding
gzip
x-amz-request-id
BN40YYEHVER36HZB
age
303820
x-amz-server-side-encryption
AES256
x-amz-id-2
CzJRlV7ufCTikLy9/iKwjFf7nWxvs3vERelm91ThoCQx+9KbH7XK+z6tYIz+0WiO07/Nu+W9J2U=
last-modified
Mon, 20 Nov 2023 02:47:51 GMT
server
openresty
etag
W/"ed4f2c87369fa01ca51bc1259c282815"
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
x-ccdn-expires
2291118
x-hcs-proxy-type
1
bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame 6180 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geo.dailymotion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
449033
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246766
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 10:27:46 GMT
expires
Sun, 17 Nov 2024 10:27:46 GMT
last-modified
Wed, 15 Nov 2023 19:11:18 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 41DA 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Nov 2023 15:11:39 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4008 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 14:58:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
765
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 23 Nov 2023 15:58:54 GMT
x8puf01.m3u8
dmxleo.dailymotion.com/cdn/manifest/video/ Frame 9F29 		0
275 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmxleo.dailymotion.com/cdn/manifest/video/x8puf01.m3u8?auth=1700925098-2688-17grugbv-a0a98e700023809010e46c09511442e0w_kFUdT6YN7kXT5yEoTglQblBN23-4MrSYL3U2ji3sxg43h76lR4ec1xaOa38vGwd0wnbA-IhenzQwD8gZYm_Pv9ERdsD_4x26LxAHAXK8J9Hi6-wImb8awuVgHeAnlF2tGV-qfSQjztGhZX9h1YT0szQV6R2ZHvy_wiiAk44cswFPbEOKCRgDkPVzjjgLlFlZGQKs2VobVdMg270DX_MldGvTExwh0P_gFKo75QHfAO96EsRMuyms1ae49yPhx_eW4PQ17chPhGExblYAt7AOfIV-CRLvXLbZhw_zl2XSPsvvEyJldd-GxyTLs_IpegeLhtGB95AKqBKva5QvffFakn5MqNKCrrPQ6PqEiWHkiF4go4_vRDJmSiOX5PdGfV7IKQ30VSDEBuhJp_fGSvdYt63fRy209Kfrrj5H-6ja79uUzeaJK15fxdE6P_I1wlTpX06sInOrXL7sU8A7lJmrFD_1J_-9l8GrMBAsQPG6APQiWX1RdQQkQqqHYuhca9aXEF1TrAqk4bTHS5DwFrOImB-iw1V3JxF3GHQrTbL3d9lcNIMW7rW_tpijHTUpi9aP5NcGoyMKjhPMLiQlX6nose8HtKs818dbExab_wkpfHa9m88c0vS8z_xefYQJsdilY2rDnyQZyuffU0QLgfBMrEMP9RvglaT5z2Vf1gaPIRLCUXptSTxzMeyYiLOHRa8_jrNzEM2ggf8W8cNH7TMF71LG2IjA-1vXFXQT1v9L4goeQ8C8_tTJcroqVd3DXp4_a7iJLrzY9BdIF3sS2Sw1Rt5-pmu_CmOyPGf5lUjepaUSGz3ZYsF0B-bLW02r7aOCXYrTTg_U2k9kHK3RIfj5-V_700OLzNJkQDo_3dtFCd4-fuzGah1gWDkhczGrNu7whdAmjxBxQwcem2vULZY5kNYbsX8dpzi8QI97RIWek2_464cAiGf6In_-kmy5hO4b4zprw7tdIABRmxr_LGVvrGR1F-PzcJpsg0QH8dMBLx1wDUuA8GrLCYaepmuEFwNm1pEPtMDZnfdWVxsYav3ACFH1dNANz5vp_fMmsRyZpQ35SKq4h0QP4OgN09oRIV-w1O_CobTB4pS2rSkFxhJTwbkonqTVXZb4o_IHq-5D36TfS4ve1nmN-q6KxI0CGUwOui_vQ-67zqIinsHp5Zbz12YuEcqgOH_NzcStxgFXE_r6-Xt94upaHXyJx2I6G0EWZvfHkG0731k3nzUFmJfSy-EbyiCx7tsTQWW5gIs6m8OQCdnLd5he2BOLUwcHwmdmM6NPDEQCtsr6WVQC-kkdYlTRFu28kDwKHS4lj0_bseWPUrQxPY1HCs6MpmZlpIsSKtKtj8AdKEp31W6wV5zqwSGlQpd8HnTLHzQbyQql8I&af=[APIFRAMEWORKS]&bs=1&cookie_sync_ab_gk=1&reader_gdpr_flag=1&reader_gdpr_consent=&gdpr_binary_consent=opt-out&gdpr_comes_from_infopack=0&reader_us_privacy=1---
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.advertising.dc5bca3ee760035212cb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ingress-03-pub-prod-ix7.vip.dailymotion.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-dm-lb-name
ingress-nginx-nginx-in-cluster-wgcrh
date
Thu, 23 Nov 2023 15:11:39 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET
access-control-allow-origin
https://geo.dailymotion.com/
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
dmp.pes_pip_tracking.5041b4de7b7b0fb943c6.js
static1.dmcdn.net/playerv5/ Frame 9F29 		2 KB
974 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.pes_pip_tracking.5041b4de7b7b0fb943c6.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x3d09.html?video=x8puf01&customConfig[customParams]=dm_position%3Dmainrecowidget&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/1.0.42 /
Resource Hash
63741eca9eda562e18659e715046db377b3df29e2adb9c13ca28fcac1c69a2c9
Security Headers
Name Value
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31708800; includeSubDomains; preload
content-encoding
gzip
date
Thu, 23 Nov 2023 15:11:39 GMT
x-status
Hit from child
server-timing
total;dur=3, dc;desc="ix7"
content-length
674
last-modified
Wed, 08 Nov 2023 13:06:05 GMT
server
DMS/1.0.42
etag
"654b87bd-656"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 13:08:04 GMT
cast_sender.js
www.gstatic.com/eureka/clank/119/ Frame 9F29 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/119/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 24 Nov 2023 12:49:04 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
278 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
b7bcd8d825fc5b227588fe253e0a17d4562d25253dbe5a67a6622e80fbda44b3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Thu, 23 Nov 2023 15:11:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
x8puf01
api.dailymotion.com/video/ 		707 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.dailymotion.com/video/x8puf01?fields=id,title,thumbnail_480_url,mode,onair,owner.screenname,created_time,description,thumbnail_240_url,duration,owner.avatar_25_url,channel.name,owner.url
Requested by
Host: statics.dmcdn.net
URL: https://statics.dmcdn.net/c/dm-ce.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
386a6e0636ad12f8ff59d2b98a862a1bcb1bc85e1b44cd0ec89679d19ee8eede
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Date
Thu, 23 Nov 2023 15:11:39 GMT
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing
total;dur=34, dc;desc="dc3"
Content-Length
461
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 22 Nov 2023 10:19:59 GMT
Server
DMS/1.0.42
Etag
W/"yuvJzx-nymnKZzXna6FiFg-gzip"
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary
X-DM-SSL,Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date, X-DM-BackNode-Response-Time, X-DM-Edge, X-DM-Cache-Status, X-Served-By
Cache-Control
public, max-age=900
X-Frame-Options
DENY
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type, Authorization
X-Robots-Tag
noindex
q
p.adlooxtracking.com/ 		86 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/q?v=gpt-92559af&c=532&t=1193&p=248&pn=%2F&s=%2F344684475%2FPORTAL_Home_Leaderboard_1%09div_desktop_leaderboard_1&s=%2F344684475%2FPORTAL_Home_Billboard_Footer%09div_desktop_footer_1&s=%2F344684475%2FPORTAL_Home_Mrec_1%09div_mrec_1&s=%2F344684475%2FPORTAL_Home_Mrec_1%09div_mrec_2&s=%2F344684475%2FPORTAL_Home_Desktop_Interstitial%09div-dfp-1&s=%2F21751243814%2C344684475%2F179580-970-90-1%09andbeyond9701&s=%2F21751243814%2C344684475%2F179580-970-90-2%09andbeyond9702&s=%2F21751243814%2C344684475%2F179580-300-250-1%09andbeyond3001
Requested by
Host: p.adlooxtracking.com
URL: https://p.adlooxtracking.com/gpt/a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e566ce69b9b552fb2a905a796eeafc79cc7a3910b82fbc7051333753ed3b7394
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-adloox-pubint-version
20231123073015
date
Thu, 23 Nov 2023 15:11:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-real-ip
45.141.152.75
x-adloox-pubint-commit
80ca8d3
via
1.1 google
x-adloox-pubint-commit-db
5ee398e7e-dirty
server-timing
conn;dur=0.005, ua;dur=0.040, segment_pipeline;dur=0.334, segment_ip;dur=0.005, segment_iab-valid;dur=0.011, segment_iab-spider;dur=0.858, segment_bs;dur=0.004, segment;dur=1.423
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx
vary
Accept-Encoding, origin, user-agent
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.gmanetwork.com
access-control-expose-headers
x-adloox-pubint-commit, x-adloox-pubint-commit-db, x-adloox-pubint-version
cache-control
private, must-revalidate, max-age=3600, stale-while-revalidate=86400, stale-if-error=86400
access-control-max-age
600
timing-allow-origin
*
access-control-allow-headers
x-cloud-trace-context
dmp.pes_pip_banner.24a9caa5ed8094f161ab.js
static1.dmcdn.net/playerv5/ Frame 9F29 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.pes_pip_banner.24a9caa5ed8094f161ab.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/x3d09.html?video=x8puf01&customConfig[customParams]=dm_position%3Dmainrecowidget&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-49.deploy.static.akamaitechnologies.com
Software
DMS/1.0.42 /
Resource Hash
a9037060df03210c6d886329dcacd8db520db1e15b956addd9e54a173f94aeb2
Security Headers
Name Value
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31708800; includeSubDomains; preload
content-encoding
gzip
date
Thu, 23 Nov 2023 15:11:39 GMT
x-status
Hit from child
server-timing
total;dur=0, dc;desc="ix7"
content-length
1364
last-modified
Thu, 16 Nov 2023 09:48:32 GMT
server
DMS/1.0.42
etag
"6555e570-b75"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Dec 2023 09:50:54 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		93 KB
29 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2603953397491756&correlator=2252208410056606&eid=31078016%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=21751243814%3A344684475%2C179580-300-250-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200&fluid=height&ifi=6&didk=4118059834&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Da6b015e9e1a15ea8%3AT%3D1700752298%3ART%3D1700752298%3AS%3DALNI_Mai8vBK9srJ6gQro_as2vCV2uyTIw&gpic=UID%3D00000ce01c38806a%3AT%3D1700752298%3ART%3D1700752298%3AS%3DALNI_MaVPMhF6aL8bF4H78CRrvAI4zSlVA&abxe=1&dt=1700752299265&lmt=1700752299&adxs=996&adys=2108&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.gmanetwork.com%2F&vis=1&psz=300x20&msz=300x0&fws=4&ohw=300&ga_vid=1264207553.1700752298&ga_sid=1700752298&ga_hid=885053129&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmqDy5b8xSABSAghkEhkKCnB1YmNpZC5vcmcYu6Hy5b8xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJqg8uW_MUgAUgIIZBIZCgp1aWRhcGkuY29tGJqg8uW_MUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lVR1UxVVRWamRtaFJZMWRxVTBaVE1HNU9lVWxVUVQwOUluMD0Y6KTy5b8xSAASGwoMaWQ1LXN5bmMuY29tGIyi8uW_MUgAUgIIag..&dlt=1700752296380&idt=1596&prev_scp=adunit%3Ddiv_mrec%26prebidtrue%3D0%26hb_width%3D300%26hb_height%3D250%26active%3D1%26andbeyondhijack%3D0%26andbeyondunfilled%3D1%26visible%3D0%26refresh1%3D1%26activevisible%3D1%26refreshtype%3Dnone%26amznbid%3D2%26amznp%3D2%26adl_dis%3D-1%26hb_format_teads%3Damp%26hb_size_teads%3D300x250%26hb_pb_teads%3D0.10%26hb_adid_teads%3D11965656b5156817%26hb_bidder_teads%3Dteads%26hb_format_criteointl%3Damp%26hb_size_criteointl%3D300x250%26hb_pb_criteointl%3D0.09%26hb_adid_criteointl%3D118ec7d6efe97a64%26hb_bidder_criteointl%3Dcriteointl%26hb_format_adpone%3Dbanner%26hb_size_adpone%3D300x250%26hb_pb_adpone%3D0.02%26hb_adid_adpone%3D11721b323c80709c%26hb_bidder_adpone%3Dadpone%26hb_size%3D300x250%26hb_format%3Damp%26hb_pb%3D0.10%26rtb_pb%3D0.10%26hb_adid%3D11965656b5156817%26hb_bidder%3Dteads&cust_params=m_data%3Dwaiting%26m_safety%3Dwaiting%26m_categories%3Dwaiting%26m_mv%3Dwaiting%26m_gv%3Dwaiting%26gs_cat%3Dgl_english%252Cgb_safe_from_high%252Cgs_busfin%252Cgt_mixed%252Cgb_spam_high_med%252Cgb_spam_high_med_low%252Cgt_negative_mistrust%252Cgs_tech%252Cgs_tech_compute%252Cgs_tech_compute_net%252Cgs_tech_compute_net_email%252Cgs_busfin_business_marketing%252Cgs_busfin_business%252Cgs_busfin_indus%252Cgs_busfin_indus_advertising%252Cgs_personalfin%252Cgs_personalfin_utility%252Cgs_personalfin_utility_phone%252Cgt_positive_pleasure%26adl_ok%3D1&adks=2005901688&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
568fe3df9ca006affe9736ce79f4945b14af957f285d9aaac8eac9acfd1a4c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30035
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
v3
id5-sync.com/gm/ 		319 B
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
d055869d88ba5d349e48918187fbe6e5960379aa97dc94a9bcaf7e6f9a96950e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Thu, 23 Nov 2023 15:11:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
container.html
5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 04EB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 15:11:38 GMT
expires
Fri, 22 Nov 2024 15:11:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tfav_adl_532.js
j.adlooxtracking.com/ads/js/ 		75 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.adlooxtracking.com/ads/js/tfav_adl_532.js
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4092 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9187ba048e965aab532234ce6ed0e7aa70ab24676c118485f0c5a56cdd135f66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:39 GMT
content-encoding
gzip
cf-cache-status
HIT
age
458
x-guploader-uploadid
ABPtcPrT5gvjO7cHrlQy18LXY3uV9GeKPFLnKB9R6NKhmjFEdDhxqoEBVMGBRDrEVuBemziylvX_TRqFyA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Tue, 24 Oct 2023 08:15:25 GMT
server
cloudflare
etag
W/"c1f6e9e6a03893acdb9b3c848fc73b62"
vary
Accept-Encoding
x-goog-generation
1698135325532573
content-type
application/javascript
x-goog-hash
crc32c=aAo/7g==, md5=wfbp5qA4k6zbmzyEj8c7Yg==
cache-control
public, max-age=14400
x-goog-stored-content-length
76735
cf-ray
82aa5890dbef2c77-FRA
expires
Thu, 23 Nov 2023 16:04:01 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 04EB 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
18144
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
css
fonts.googleapis.com/ Frame 04EB 		8 KB
750 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 Nov 2023 15:11:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 13:42:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Nov 2023 15:11:39 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 04EB 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 08:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
457352
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 08:09:07 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 04EB 		376 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 14:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4053
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133672
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 14:04:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 04EB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
18144
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
l
www.google.com/ads/measurement/ Frame 04EB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS2SyufV7-SNd84ICmZI1B8Qksb9i53IiQkVBc_DTREcryJ-s6OzeXIMwn63fw0SDcAkxPhAMa-rqLku-Al8ouaTdilBQ
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 6EFE 		42 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszyva1nS9KCsa2Kzjeacu3KdTNsTJmk6zd1vKg511_0hs1odgnpXdMy4o-HN49lZymAuRte5vl9zY-BWG3kjCd8rRErN1JUxe-T679yKaHnFbGL2JPzw1L3uZR6HiGSZG5x0CrBYsRMl46&sai=AMfl-YT33QCxjWangLESjKlB2eDK_dVUR1X-YfG5FWivru3Qic3WyJkjWnbBJzR7K6WShkuyN3ztzrJOmQbv_gukA9azNzrTuG6YNw8IRZ25-utveTX5og47d5bZsS70eF2_MuaSolkUV3LZCSMWcb2U&sig=Cg0ArKJSzDUmAL-1n66LEAE&cid=CAQSTgDICaaNIlEsL3PCF5p-lgNXcM2xhOcCPeSWfbk30oUnXcBS2AZPEZA54sD8MBicL8zXcw5nlpN31tBK0vxvcOD0hjIgjmZfa08Hj-kdoRgB&id=ampim&o=1127,811&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1016&mtos=0,0,1016,1016,1016&tos=0,0,1016,0,0&tfs=280&tls=1296&g=100&h=100&tt=1296&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 04EB 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lpbc097q&c=2309331669982&slotId=1154665834991&qqid=CKu4m4W02oIDFTJh5godFmgKHA&fb=outstream-lima&sei=44752538%2C44807614%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:39 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 04EB 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:39:21 GMT
x-content-type-options
nosniff
age
513138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 16:39:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 04EB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 13:37:09 GMT
x-content-type-options
nosniff
age
437670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 13:37:09 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 04EB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CHfYxq2tfZeu2E7LCmQeW0KngAdzIu7F0zfv-goUS8C4QASDn3eBuYJXikIKgB8gBBagDAcgDmwSqBLQCT9B9unQGTCAcX5waAg2WXPR8TwlS0LPV5iLgmgT4lkUHd2JCBhztjo2xpah0tNV1DZriueXbdr85q17nM9nhLc7B2NXMYZi0e-y1l6tsuIW-xkuNDf0k0v8_vPnhIXx_GyNp1EdkRmGcctjPEL2UpgrzaBB1jGpeEXdFAJuFMAVIlQq0-cPr9CArNc2EK0-jctwFuvT3jTVLRBoxlffLJEVyJezXmaQEr-pWJ7mi1yRYTzDg4lRbrW-Zpbz9xCFYlxUgi9ar0y79EBFz9sXhmS10VdsN71roH0B3edhICWrSo060_sei8RP4rd8a6UqZuEmt1_Axbzw3ZPG8mLIdiaAbq02CO-CpabHQkjSmeeas0TktJIuaMXYYWKXkBQESk7hVbzEaX7qteNVFimQU8ugOdWXABMjP7b7GBOAEA4gFpJ-9u02QBgGgBnmAB7_ajcUBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTU1OTcwMzY0NjgyNDE3MDiACgPICwHgCwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMI0peahbTaggMVMmHmCh0WaAocsBPhgNAV0BMA2BMDiBQB2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1700752299696&ai=CHfYxq2tfZeu2E7LCmQeW0KngAdzIu7F0zfv-goUS8C4QASDn3eBuYJXikIKgB8gBBagDAcgDmwSqBLQCT9B9unQGTCAcX5waAg2WXPR8TwlS0LPV5iLgmgT4lkUHd2JCBhztjo2xpah0tNV1DZriueXbdr85q17nM9nhLc7B2NXMYZi0e-y1l6tsuIW-xkuNDf0k0v8_vPnhIXx_GyNp1EdkRmGcctjPEL2UpgrzaBB1jGpeEXdFAJuFMAVIlQq0-cPr9CArNc2EK0-jctwFuvT3jTVLRBoxlffLJEVyJezXmaQEr-pWJ7mi1yRYTzDg4lRbrW-Zpbz9xCFYlxUgi9ar0y79EBFz9sXhmS10VdsN71roH0B3edhICWrSo060_sei8RP4rd8a6UqZuEmt1_Axbzw3ZPG8mLIdiaAbq02CO-CpabHQkjSmeeas0TktJIuaMXYYWKXkBQESk7hVbzEaX7qteNVFimQU8ugOdWXABMjP7b7GBOAEA4gFpJ-9u02QBgGgBnmAB7_ajcUBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTU1OTcwMzY0NjgyNDE3MDiACgPICwHgCwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMI0peahbTaggMVMmHmCh0WaAocsBPhgNAV0BMA2BMDiBQB2BQB0BUB-BYBgBcB
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 04EB 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lpbc0981&c=2309331669982&slotId=1154665834991&qqid=CKu4m4W02oIDFTJh5godFmgKHA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.c6&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:39 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 04EB 		24 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DHvnidCV6P4pm83sVUU7vJ1hcpEyOA7T65zsGwp7xTA5R9-hZKB18o9c7sLg2dEEX0d9RDuLOyK8VJIj4c7iGQNuDJyA&cry=1&dbm_d=AKAmf-CEHUk8pB0roj7_Rlo8RVzFdmgzGSo6XDFYaU0ihgZYQkDp-9yN6dQbZDv1eSzA-L_UZYd5dkyutvhGEmjbfNqbqitdjeWlh7LM7S_BNXRW6g97H42d0GEDbAvxP2H3hzSQosKkHulcQM7k1nSUYrT39PlC14uf2Ytps4FSqMFpwFw3Mr9mox4K5xele-aU8bMuHYgfe4P8miLhMnsAC9-s8tzqPQHz6SMzXXyD4XFWGzl03iAZtOqmDR2_lBt2dOjItO-Auw9RDC1CYb_QmoO5dHu3DtRux910BG5NuEdjQV8TkzzSushD-Y8kdba7VOF4FAizPNROWMrvnzpD45s4dAOqWtJHvVMSTLXl30lE8r7BlsdbJk4tC8iz_CVfiTnPhRnys1mMyHw_VOPymyd3CLnriGmqt_vY22VIQvMmCZ3TWMqtUdkJ-5fORSy4Q0jzQhzTZbWUMrtIy-hHG891TGYhCPFjcGS1xzMuj_JskBAkN1XyFr0x519SR11OAXdu82tPWsIQTYTQ4G-bw5V5Jd71xIfsSedsKM3OxgUddo2ghKV_ZTTHrWEQ39UiD6ghFIgAkTglAxyH2uMnbExdD0B8VGYjkZpIl0MkLzYLxRikOjMFsdEZuWLZ4DtrdeVbioedzUW0SgkrC5FYsE_QJeUOeVhaxlssB0A1gE6lP3GBroq1Trot05Ha634U8w-gVJvOpRdPcyuXrUeyVtOgxjGEjdATZqfprEj0ug4kGyyGxnXEzNxIRwvfLsVbxvvsFMfVkq1XSdx6eGFA7fiQeVm5EAbI6fjPvqb-jc9dwLrNPVW6-gsQphXjuey2cQbD72Rz5ssRx30TKqkg8zXPwvxu0H2hVOmK972DObO2Dq6LBJ0IbdifX8WtnnnBhFXlAUXt0y7Ni3TwKIi04Ed7ZdxYDi3QRbqUo3W3XCPWlX7k8FZJmyb1VcMo2AoX94d204sI8vEhbiQaCSZqs2p0GT8TkbZVGhOjEEYBaQAyR3nNE-GSWGDeHPh9W8KvJiaMOU7bk_7T2e0peJpe6fefx9V676UqaRxwBTEYLaoHpzIIaempUGsFfOsz-5VksV8uPIYzfGP0T9uYmh0Dl31-oLWp4uAlSCQK1NVVKZFWdzvVoE8euvlFhhHAFCtm9MkGGpU13m0ryWkRGm5LhMO_DjLs6hADwYEWXOqH44CpYoptWgh_C3CkfQgOYOSZr3hiTlE6NYRmq3GWr93DEWSrnVGwPIb4_tI4QGtkDab0rcfYe7TIC2j9A8l3qk0vfoaf_wvgjFdIG25UbZixsACQcdLfRMELzGveqwhPUJ4mJfk25UxjTRb0z84SoaBV8WXckeHkb2szkQOuW4I2lhA1132rvlLAtqevSQVyy0xI26nz1iu2x1sts5Qj4i1uWE78U7zC3JB2mkyVRDsj7lYbbFYRASQ_ygJJz5XLkkeXEpdjbrPAJQwk0Qcwal1FFws9MBfiILrvdEqZJJOEEyKQTIrltbhg5M9LorTGevhwSHT5dslj8x0Wxp2LZrCu9T5bPP0qI0Hsbtl3-Z-HWPxyv0OeIHqmEUoxauZ-z5-ZbhCht_B1Sidp3jmBP72zcnh82hO8SDjkSQN1lIlIcLkxT9t6zat2K0SUcHrIot7KaiI9SfAn5WC14l29--JXloO5zIOY3eWOTC_TaN1ACzqfzVFOA7c1N5oPhg71SpzP8y-WiqelFxArGxSqlOlBR04FAAuA47usHfyMyp08bMTVa_r6880IK9_FGmaJ1PHZ8XhL0JUD3JndUZmdsv4y-CDMQIwCfGA7geu894YpDdSY1zK46viM8sXxIWYBuQXDdHz4Zg9RS5bQ_JqXsYdJTbZlAaf8ru2bqXm1lM3-bo2cJFbuc4ieOrXC_Lui8Qa9MIhHi4se87lgvpfYINCrd-iU-SKYU6HSBIufuE5jic72sSIPtRvkqwVhgXbvUe5QVsq_zwFbppnMS_WapXVNRwYKw06tGAUzoZ22H5y7jIoZndvy___tXlvTThzY4E1y6fuNTwNR1peeqwnaBtNuiz7cNXsHLzw_ubVdFqJJyk6lCfukaD2NFd-bLCvAmjgq9QSemhAPhPFfKPamWvp6p562jKMpyjtQCzqY9MaMJRButgyxuySK_OsO4jx21oPJiWKwqzMf8VfrVHmwJnDbEKHVC6otoSl90PxE9-W5Z2glp2KuxTx0gKs70VBKz-QjGnUwWwclB5H9YmacRvG80ELIknWy6pGXRSU_QsdZXHCjEbev3m_NWFZzReELMIlkQyq0NRw_wlJtR4rZIXeX5oS9FQSkhPBxS_xM7OHznO1AaKu_1A3oEM5Eb1401mr_Ikxw3yz6Uuq9zH9T0j9OuQ5mXWEdU33lrB3BjUO_EDWBiSTMfRzz8DfKeWtRrHxEu10oAUrCM1REW6fA-Gu4M0Kzb_fE7jmvZtutH8qyz9fjbfdnXU-OpCSixrr_gkFR8H2oq6QaIOG6BBIzAZ-7AY1-3X9ky-nz9P9v7VyHPO_UYyEvAdbn2Na5IrHGZNpdKcfUI7m_xQKqe8s_mxBicAkHLXNxM2Q70B6ca5GZBrYLmJWJZu3m_9Qykd9OZFl2GT3JVNhEOuliaqwYoWLG_4sO5xpYyj86wy_T464PuodA_hUeHMlk-Fpi3jkjuy8mPmS7yUar4PIl_fnjjWk8Ddl4GvRmhuzhP1IDbqcz290YelJpIj7a96MipxcdEHQMaJGcyhUYAOlLcz2MTzJs0EmHLI5SRteAXdXyR5I--q3gO-IZAR3aS8JjVtTDI9UI2x1rLYPgyZnlP2H39BdIFJNOqVSYrf-uHtOQYZQTf19AhLelgVSg-OUtkXq-PQhwHRbb2vP_mXzRPbBk8RwJOa63UyudEptaDieC2Y7r0WiBJpr7VMgvAnawkdQ39WLs-Nye5T1Vyb7w7AoRRo2khcDAHypwMi0bC4PAaZPc2tTAw6Fl82N3pfGrcLWMRsop6Bm8xnG7K-B51V-P_xus5QpfKMRIWbqlMeAUd15UbLM2T7DYazo5UJYkR9KUblDh9O8GTLU9DEyaNcMPZTNBctUryol_kS7zKgSOVzhSfnGLhb6SfBP1d9qm9yzywodLfcft6iuxz5IkrTQ3skt3Wh3dRMEb2hMLVsygmJ5sf9zpsNYyeCkHE24Zl3i9a_rfY3WlSsrJJaHlFfU9pVk7nMscERogqKfLohWzS2_wqe5bTDcbfa7xzSlIn_pCoN47J2sVm1Sbu-V2hOEVHXn_RYTS9mW2nlcwJo-A8ZX5mocwsnZcdJRbyfgGIp-56_Ni1cODrMGN_sQyot-Dw2VxdGILbYFtY1HeJtEXSIrKXGMY1DEry39f_iSUj2W6s7ckTkX_0qkKf9o0AUZY6aHsF6O9bQ-tSKFRdxk5TiHGLv0RK6eNjiUfHP56M5saTXk1Bc1m4Y92aRG21XSuRxSKrYWWqrYbEGxF9cTWwh10FTui1papHcAUmAZ8u5QGlF3NkxAnI1YmZGgJh9zjb4D8iIj1DM0VspyadiNMzli_3LWC3qpsxemzXyQkNCHAil6wjfTaoE683IxGkQCFy37XmjfSssMpQpxsdkewxo_RGm65xwTFQ1KZYNrBQ_8nmMMSN_H-V7hOyRDlVFf_KCSQDdu9xyBTyTA9RA6Bu_mir5DYdys_v00ude-k0Cy4muCCluJ0WnHoTcwM_sCRAp-BFcJb1z3zrk_tvYklMeFK4cxEz1RppfWx88wJCBWrN8LvgIDLBXSWdGNALUVnxeSVeS1vNGSQkaSTTz_wD3TCt9ifVnL7iP0XDTfnzGWf5jsw-bP3gn7O9cQ0GOR4CvZ6v2GrGgb6ksdIgR9sBtxkEHCGMChT1FVyR_BVcY7U4Ds_i1LidmiNxrr4nOB6II4x8aBieR1402ko2EshTJYmIg6HvCgVfUtHIXJDrBvUM5qp1RBIpvmOIfvY9CIVXkYPVyvziycYhtPQP32_kW5ngloP8BRZFr1D1klqMeykWhg3JTWd38c&cid=CAQSPADICaaNkdvVhVxlDYmPeXwW-SSmBsP0k6sDK1_ILNo0lF2uv3uUw9ZqR6EqNOqbr_2QRpQzaUmo5Szn4RgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f156.1e100.net
Software
cafe /
Resource Hash
c8a60a42eab50f22505ac6b31ceaaed1e0172947d221050211bf50216942f43a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16633
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4EB7 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63286
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Thu, 23 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 04EB 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96aad03121e284cca1e0e32862ae08b7a83a17a316961bb35c4ca35082063cdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
ic5.php
data00.adlooxtracking.com/ads/ 		88 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data00.adlooxtracking.com/ads/ic5.php?tagid=1193&client=and_beyond_media&d1=pg-4171~1_fo-4171~1_vpw-4171~1600_vph-4171~1200_scw-4171~1600_sch-4171~1200_sco-4171~1_sca-4171~0_srx-4171~0_sry-4171~0_ev-4168~sb.4171~rp.4171~rvp.4171~rap.4182~ss&att=0.0.1600~1200&visite_id=47981137816&seq=0&timezone=-60&js=tfav_adl_532.js&date_regen=e0208d5&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=andbeyond3001&id2=%2F21751243814%2C344684475%2F179580-300-250-1&id3=4670799807&id4=2462441427&id7=300x250&id8=https%3A%2F%2Fwww.gmanetwork.com%2F&id9=DE&id11=%24ADLOOX_WEBSITE&p_d=0.015&fai=GMA%20Network%20%7C%20News%20and%20Entertainment&iframe=0&resolution=1600x1200&nav_lang=en-US&url_referrer=https%3A%2F%2Fwww.gmanetwork.com%2F&activetab=1&cf=1
Requested by
Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_532.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.31.249 Mountain View, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.31.241.35.bc.googleusercontent.com
Software
/ PHP/7.4.33
Resource Hash
12db6710704be359f07f6c1e2bcb3955a3fd0ed332d59586cb0c38c6858c7312

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:39 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
PHP/7.4.33
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
x-route
ads-prod-75d5674dd6-p5hdd
accept-ch
UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
vary
Accept-Encoding
accept-ch-lifetime
86400
content-type
application/json
access-control-allow-origin
https://www.gmanetwork.com
access-control-allow-methods
POST, OPTIONS
cache-control
no-cache, no-store, must-revalidate
access-control-max-age
86400
access-control-allow-headers
Content-Type, X-Requested-With
expires
0
current
dclk-match.dotomi.com/match/bounce/ Frame 4EB7 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEObxWVkL7Wm6XMR7AA3UeUQ&google_cver=1&google_push=AXcoOmQbxlwBuhnSup2psCUOedy4FAtFsRB3r5cktqx-pprBvfTXLQTF54y9JU3h2UCVZkSYE4G0pjPPRtvxTTg3GfEeQK9_V54X
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:39 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 4EB7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJuYH84M4GTWttoIXU6Z-IM&google_push=AXcoOmSmSQnJTK-TTaJcgoMUYaKUj8_1do3HQ8s2e5GWI50DJvRQ9e8D3D...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJuYH84M4GTWttoIXU6Z-IM&google_push=AXcoOmSmSQnJTK-TTaJcgoMUYaKUj8_1do3HQ8s2e5GWI50DJvRQ9e8D3Di4_TtLSCnpYsAINsQbseKgQcy-6a4JLhu8oP1w99k
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230084-FRA
pragma
no-cache
date
Thu, 23 Nov 2023 15:11:39 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1700752300.794756,VS0,VE98
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJuYH84M4GTWttoIXU6Z-IM&google_push=AXcoOmSmSQnJTK-TTaJcgoMUYaKUj8_1do3HQ8s2e5GWI50DJvRQ9e8D3Di4_TtLSCnpYsAINsQbseKgQcy-6a4JLhu8oP1w99k
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 4EB7
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGhKiX_rfZQQZGjNifelHsM&google_cver=1&google_push=AXcoOmQuPPWBy5tXR_fsnAgtxGHXs9rVj2kneu0d_Lov4jD0PAxievin1P6V5NcXTAHWZXTss_o7SOJd3-Zy1pvTFg0gAuyFT2g
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9BF159EC8C7341D4B578945DD281E208&google_push=AXcoOmQuPPWBy5tXR_fsnAgtxGHXs9rVj2kneu0d_Lov4jD0PAxievin1P6V5NcXTAHWZXTss_o7SOJd3-Zy1pv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9BF159EC8C7341D4B578945DD281E208&google_push=AXcoOmQuPPWBy5tXR_fsnAgtxGHXs9rVj2kneu0d_Lov4jD0PAxievin1P6V5NcXTAHWZXTss_o7SOJd3-Zy1pvTFg0gAuyFT2g
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 23 Nov 2023 15:11:39 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9BF159EC8C7341D4B578945DD281E208&google_push=AXcoOmQuPPWBy5tXR_fsnAgtxGHXs9rVj2kneu0d_Lov4jD0PAxievin1P6V5NcXTAHWZXTss_o7SOJd3-Zy1pvTFg0gAuyFT2g
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 22 Nov 2023 15:11:39 GMT
pixel
cm.g.doubleclick.net/ Frame 4EB7
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBGDV1zK7AgNa9g5CdnmUEk&google_cver=1&google_push=AXcoOmSJv7jvNBwKCFojI26XzIxA43Pn08ByOU6bb5EyUQ2bAanooFs5ahbGYSj7vNrrBkU4OyeE4Lpj1Y8...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSJv7jvNBwKCFojI26XzIxA43Pn08ByOU6bb5EyUQ2bAanooFs5ahbGYSj7vNrrBkU4OyeE4Lpj1Y8-G5gFZz4GBf-R5VH8&google_hm=0ZH-5f3hTPeOXfFH_KnsXEs
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSJv7jvNBwKCFojI26XzIxA43Pn08ByOU6bb5EyUQ2bAanooFs5ahbGYSj7vNrrBkU4OyeE4Lpj1Y8-G5gFZz4GBf-R5VH8&google_hm=0ZH-5f3hTPeOXfFH_KnsXEs
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:39 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSJv7jvNBwKCFojI26XzIxA43Pn08ByOU6bb5EyUQ2bAanooFs5ahbGYSj7vNrrBkU4OyeE4Lpj1Y8-G5gFZz4GBf-R5VH8&google_hm=0ZH-5f3hTPeOXfFH_KnsXEs
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
ebda
match.360yield.com/match/ Frame 4EB7 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEASgilZFqGvuZBl113bBkY4&google_cver=1&google_push=AXcoOmSjBgFbgCpIWoBNb7VIWqzkr_TOfjG6B-aZpSHPLxKNAVnMbV2mgL4Vc_b8HGCw6Ngq_m3HRZrrKbvQ2PZ2qz_dCdRC8xcZ
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.195.247.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-247-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 15:11:39 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
ssbsync.smartadserver.com/api/ Frame 4EB7 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEH9qmUG-_QU95CjI-X-vp-8&google_cver=1&google_push=AXcoOmRnW7_eg0m2V6or9Et8vVB17-NVMwGAwMyUEItLHD9OGHE0xAFI9JcgXoYuFEfInODNB_tugqW5NxSNUDLhjqB5vHcnnPto
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.171 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:39 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4EB7
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=5e8c48e5-324c-47d3-8c10-88d899b34086&google_cver=1&google_gid=CAESECmX4PXua6JhjmgAUq5IONI&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=5e8c48e5-324c-47d3-8c10-88d899b34086&google_cver=1&google_gid=CAESECmX4PXua6JhjmgAUq5IONI&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTbr8ZZCN1Ln6uef1BF4Up9ptanoUbrNAYxFSXKhUY4tIMUaQZ2LmQj5Iy6BTvgc08E05JBAAtnRjubT9chRsnzVqRZ0MAp&gdpr=${GDPR}
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=5e8c48e5-324c-47d3-8c10-88d899b34086&google_cver=1&google_gid=CAESECmX4PXua6JhjmgAUq5IONI&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTbr8ZZCN1Ln6uef1BF4Up9ptanoUbrNAYxFSXKhUY4tIMUaQZ2LmQj5Iy6BTvgc08E05JBAAtnRjubT9chRsnzVqRZ0MAp&gdpr=${GDPR}
date
Thu, 23 Nov 2023 15:11:39 GMT
server
_
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 4EB7 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JsYhITAJBO81iPd-55JX21R4xWyvgL9i77yU2_acowhupTYdspJwae-gh49zoq8eCTQNwkVw
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CBl8Rq2tfZeu2E7LCmQeW0KngAdzIu7F0zfv-goUS8C4QASDn3eBuYJXikIKgB8gBBagDAaoEsQJP0H26dAZMIBxfnBoCDZZc9HxPCVLQs9XmIuCaBPiWRQd3YkIGHO2OjbGlqHS01XUNmuK55dt2vzmrXucz2eEtzsHY1cxhmLR77LWXq2y4hb7GS40N_STS_z-8-eEhfH8bI2nUR2RGYZxy2M8QvZSmCvNoEHWMal4Rd0UAm4UwBUiVCrT5w-v0ICs1zYQrT6Ny3AW69PeNNUtEGjGV98skRXIl7NeZpASv6lYnuaLXJFhPMODiVFutb5mlvP3EIViXFSCL1qvTLv0QEXP2xeGZLXRV2w3vWugfQHd52EgJatKjTrT-x6LxE_it3xrpSpm4Sa3X8DFvZDb-BC8K9I8YHNuR1EJlXk9APzacpWx2d07SHif4grMppqyKqnXt3jy9oKLDzzPRfnNW-V0Z7czIccAEyM_tvsYE4AQDiAWkn727TZIFBggbEAMYA5IFCwgiEAMYA0iewZgCkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ5gAe_2o3FAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcKEM2dPRjgsab_AdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTU1OTcwMzY0NjgyNDE3MDiACgPICwGiDBAqDgoM5LSxAu61sQK1uLEC4g0TCNKXmoW02oIDFTJh5godFmgKHLAT4YDQFcgT7fb74wPQEwDYEwOIFAHYFAHQFQGAFwGyFx4KHAgAEhRwdWItNTI1ODE2MDMzMTQ0ODg1MhiHrm4&sigh=4tWFhd3ILSs&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNkdvVhVxlDYmPeXwW-SSmBsP0k6sDK1_ILNo0lF2uv3uUw9ZqR6EqNOqbr_2QRpQzaUmo5Szn4RgB&vt=10&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 15:11:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 04EB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CBl8Rq2tfZeu2E7LCmQeW0KngAdzIu7F0zfv-goUS8C4QASDn3eBuYJXikIKgB8gBBagDAaoEsQJP0H26dAZMIBxfnBoCDZZc9HxPCVLQs9XmIuCaBPiWRQd3YkIGHO2OjbGlqHS01XUNmuK55dt2vzmrXucz2eEtzsHY1cxhmLR77LWXq2y4hb7GS40N_STS_z-8-eEhfH8bI2nUR2RGYZxy2M8QvZSmCvNoEHWMal4Rd0UAm4UwBUiVCrT5w-v0ICs1zYQrT6Ny3AW69PeNNUtEGjGV98skRXIl7NeZpASv6lYnuaLXJFhPMODiVFutb5mlvP3EIViXFSCL1qvTLv0QEXP2xeGZLXRV2w3vWugfQHd52EgJatKjTrT-x6LxE_it3xrpSpm4Sa3X8DFvZDb-BC8K9I8YHNuR1EJlXk9APzacpWx2d07SHif4grMppqyKqnXt3jy9oKLDzzPRfnNW-V0Z7czIccAEyM_tvsYE4AQDiAWkn727TZIFBggbEAMYA5IFCwgiEAMYA0iewZgCkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ5gAe_2o3FAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcKEM2dPRjgsab_AdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTU1OTcwMzY0NjgyNDE3MDiACgPICwGiDBAqDgoM5LSxAu61sQK1uLEC4g0TCNKXmoW02oIDFTJh5godFmgKHLAT4YDQFcgT7fb74wPQEwDYEwOIFAHYFAHQFQGAFwGyFx4KHAgAEhRwdWItNTI1ODE2MDMzMTQ0ODg1MhiHrm4&sigh=4tWFhd3ILSs&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNkdvVhVxlDYmPeXwW-SSmBsP0k6sDK1_ILNo0lF2uv3uUw9ZqR6EqNOqbr_2QRpQzaUmo5Szn4RgB&vt=10&cbvp=2&vis=1
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible
event-source
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 23 Nov 2023 15:11:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
csi
csi.gstatic.com/ Frame 04EB 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lpbc098c&c=2309331669982&slotId=1154665834991&qqid=CKu4m4W02oIDFTJh5godFmgKHA&fb=outstream-lima&vast_v=2.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:39 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
coAE_brMentosGum_sbGum_segChewingGum_caMentosRaffledraw_ld1611_ed3112_agWavemaker_-381688403.xml
svastx.moatads.com/wavemakeruaedcmvideo456570452019/ Frame 04EB 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://svastx.moatads.com/wavemakeruaedcmvideo456570452019/coAE_brMentosGum_sbGum_segChewingGum_caMentosRaffledraw_ld1611_ed3112_agWavemaker_-381688403.xml?apiFrameworks=7&gdpr=&gdpr_consent=&
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
bac47306a43a09eaf899059ee919071edb1e38426bb18145bef04d2a2eec1f2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:40 GMT
server
AmazonS3
x-amz-request-id
WYEGWZPWG5VW73NY
x-amz-server-side-encryption
AES256
etag
"fe15988d4044ad5bf3dac732d3ea792f"
access-control-allow-methods
GET
content-type
text/xml
access-control-allow-origin
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
6527
x-amz-id-2
ShYU5m7eVVRtDRvnqLEhbgh7Fm2aGLIOq1KPskne1h0t3Hgh8d/V1Gwv8kwvsuTPMT9fwmnHRBs=
expires
Thu, 23 Nov 2023 15:11:40 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		111 KB
46 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2603953397491756&correlator=310842396159545&eid=31078016%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=21751243814%3A344684475%2C179580-970-90-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C728x90&fluid=height&ifi=7&didk=4118590881&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Da6b015e9e1a15ea8%3AT%3D1700752298%3ART%3D1700752298%3AS%3DALNI_Mai8vBK9srJ6gQro_as2vCV2uyTIw&gpic=UID%3D00000ce01c38806a%3AT%3D1700752298%3ART%3D1700752298%3AS%3DALNI_MaVPMhF6aL8bF4H78CRrvAI4zSlVA&abxe=1&dt=1700752300099&lmt=1700752300&adxs=315&adys=5001&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.gmanetwork.com%2F&vis=1&psz=970x0&msz=970x0&fws=4&ohw=970&ga_vid=1264207553.1700752298&ga_sid=1700752298&ga_hid=885053129&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmqDy5b8xSABSAghkEhkKCnB1YmNpZC5vcmcYu6Hy5b8xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJqg8uW_MUgAUgIIZBIZCgp1aWRhcGkuY29tGJqg8uW_MUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lVR1UxVVRWamRtaFJZMWRxVTBaVE1HNU9lVWxVUVQwOUluMD0Y6KTy5b8xSAASGwoMaWQ1LXN5bmMuY29tGIyi8uW_MUgAUgIIag..&dlt=1700752296380&idt=1596&prev_scp=adunit%3Ddiv_desktop_footer%26prebidtrue%3D0%26hb_width%3D970%26hb_height%3D90%26active%3D1%26andbeyondhijack%3D0%26andbeyondunfilled%3D1%26visible%3D0%26refresh1%3D1%26activevisible%3D1%26refreshtype%3Dnone%26amznbid%3D2%26amznp%3D2%26adl_dis%3D-1%26hb_format_abmoftmedi%3Damp%26hb_size_abmoftmedia%3D970x90%26hb_pb_abmoftmedia%3D0.01%26hb_adid_abmoftmedia%3D114634f1b43bc29d%26hb_bidder_abmoftmedi%3Dabmoftmedia%26hb_format_adpone%3Dbanner%26hb_size_adpone%3D0x0%26hb_pb_adpone%3D0.02%26hb_adid_adpone%3D112c73ee6659b79b%26hb_bidder_adpone%3Dadpone%26hb_size%3D0x0%26hb_format%3Dbanner%26hb_pb%3D0.02%26rtb_pb%3D0.02%26hb_adid%3D112c73ee6659b79b%26hb_bidder%3Dadpone&cust_params=m_data%3Dwaiting%26m_safety%3Dwaiting%26m_categories%3Dwaiting%26m_mv%3Dwaiting%26m_gv%3Dwaiting%26gs_cat%3Dgl_english%252Cgb_safe_from_high%252Cgs_busfin%252Cgt_mixed%252Cgb_spam_high_med%252Cgb_spam_high_med_low%252Cgt_negative_mistrust%252Cgs_tech%252Cgs_tech_compute%252Cgs_tech_compute_net%252Cgs_tech_compute_net_email%252Cgs_busfin_business_marketing%252Cgs_busfin_business%252Cgs_busfin_indus%252Cgs_busfin_indus_advertising%252Cgs_personalfin%252Cgs_personalfin_utility%252Cgs_personalfin_utility_phone%252Cgt_positive_pleasure%26adl_ok%3D1&adks=131924188&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad50a22f5bd93d8c1110ce46afc8b8a6509451830da8d983c6f7c59da8aaa0e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:40 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47017
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6A20 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 15:11:38 GMT
expires
Fri, 22 Nov 2024 15:11:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7645 		624 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYj6nd_QEwAQ&v=APEucNU78gV3zg_3MVfIo7ZFn95bxDknNKWQfT2zfrKbTOMh6CbWPvZ_JYvdw2x2IVmjRMqzZt1sije8UAip6UZ0LToiLla5cmuM7I_NonDqViBlbNm7OYwJ0dz7p3VMIAkSlOiJ707DlFsRDXRdvhHjMGKCRYQRFO0H5ys-WSBFIKrWvGlJ63Q
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 15:11:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 6A20 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
Origin
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 07:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27072
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 24 Nov 2023 07:40:28 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 6A20 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 07:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
27072
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 07:40:28 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 6A20 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 07:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
27072
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 07:40:28 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 6A20 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 07:58:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
198768
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Nov 2024 07:58:52 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6A20 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:14:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
10603
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:14:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D4FB 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63287
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Thu, 23 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6A20 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
18145
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A20 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ACFoAjCM3bbSjfLsc2jxShSdbmBNndWZcZFTZ7OrqdSj2XBXDptGIUXCxFAEsZbIOqayynQUJQnXCyuFT86ocWQpFxMmm6Z_oF6it9-5VwR_9Wgy8
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 6A20 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQlQgLAd8xPasOO4lAqfpTerTEU5b8MJk5KlHkNAJ7E0onRhSpxC49xLAoHzhBkIK5aK6Nbzmpms_vNBa09Gi-4SkiqA
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6A20 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 15:11:40 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 4D1C 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
198768
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 21 Nov 2023 07:58:52 GMT
expires
Wed, 20 Nov 2024 07:58:52 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6A20 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73bf95e9a7ab54356243de27569be7dc81f10b9acdec742f25349698bc753b75

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame D4FB 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPtZ7-1cjPCrk36wf2SPySs&google_cver=1&google_push=AXcoOmQ3jN06JdqylyglvUE4p-VvsPf6dZlbZ1p_PUO0tewTcO0eFhiE14VUUkfmmBUYqLNOSbB1kE_Oi_fuhWr82n187pRuZ1Ov
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D4FB
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDVjhlcmYxcJWP3P0kAz-zQ&google_cver=1&google_push=AXcoOmQJ3VuRBB5Uxu_vCkosX9tkPD74bATNJ_o89UK2cSdXUq9wQZDB7zX2ifsfuHzLntly96fsUZMbxCUEppW7yNUcuT-...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQJ3VuRBB5Uxu_vCkosX9tkPD74bATNJ_o89UK2cSdXUq9wQZDB7zX2ifsfuHzLntly96fsUZMbxCUEppW7yNUcuT-S4M1M&google_hm=eS1xWjZzQWwxRTJwRmZST0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQJ3VuRBB5Uxu_vCkosX9tkPD74bATNJ_o89UK2cSdXUq9wQZDB7zX2ifsfuHzLntly96fsUZMbxCUEppW7yNUcuT-S4M1M&google_hm=eS1xWjZzQWwxRTJwRmZST0dKdHVtZGJmSW5GSnY5RFhLdX5B
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 23 Nov 2023 15:11:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQJ3VuRBB5Uxu_vCkosX9tkPD74bATNJ_o89UK2cSdXUq9wQZDB7zX2ifsfuHzLntly96fsUZMbxCUEppW7yNUcuT-S4M1M&google_hm=eS1xWjZzQWwxRTJwRmZST0dKdHVtZGJmSW5GSnY5RFhLdX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame D4FB
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT-sB...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-gj2KscyNEPrsLnsI-fhaS2wBwXt5Zb-1KSth2g&google_push=AXcoOmT-sBbeltX98wR8n5IQqL3xi6_ZL2nGK05RDZH9oFsm82oOHDhl4s2kUMPnJSG8J6LLNr8i4qMlt78F...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-gj2KscyNEPrsLnsI-fhaS2wBwXt5Zb-1KSth2g&google_push=AXcoOmT-sBbeltX98wR8n5IQqL3xi6_ZL2nGK05RDZH9oFsm82oOHDhl4s2kUMPnJSG8J6LLNr8i4qMlt78FYzCU_w-z0XvzEK-h
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:40 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-gj2KscyNEPrsLnsI-fhaS2wBwXt5Zb-1KSth2g&google_push=AXcoOmT-sBbeltX98wR8n5IQqL3xi6_ZL2nGK05RDZH9oFsm82oOHDhl4s2kUMPnJSG8J6LLNr8i4qMlt78FYzCU_w-z0XvzEK-h
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1545138
content-length
0
expires
Thu, 23 Nov 2023 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame D4FB 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEFBsId1CE55YNZLJimiODUU&google_cver=1&google_push=AXcoOmRzbgrU4roPvIPZ8pxDMUPmRUdcrfpaTGQPyFJgZSeYC0dgTLEVIpMlTGZ7IHV7BYXEGKcpIGq37XJueRJD2_Uw-gF7bEhV
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:40 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame D4FB 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJMWIHpvWlSQ_OOToYTtvfw&google_cver=1&google_push=AXcoOmQAQ6TrG5f1YZexMbIaJRv_9rUZhOHN6yLGt-_hBUcmvG6XGFstz0I6LJIy6RYhQiY_geqPpbpe8DosPtAQU3zOEwUjUQS6
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 23 Nov 2023 15:11:40 GMT
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame D4FB
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG45iIlvzpQFTgO_xpZdO04&google_cver=1&google_push=AXcoOmQZCww8Oox21C-p_qXoEfVBCO4AZMvb0oE7FnwjRv7FR57hG4MTcHT9djV8Hyyi6-RUQHI...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBCQzA4SEMtMVQtRjBVOA==&google_push=AXcoOmQZCww8Oox21C-p_qXoEfVBCO4AZMvb0oE7FnwjRv7FR57hG4MTcHT9djV8Hyyi6-RUQHIYZSrqGo7c0umL1z4d3P-3nhRS
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBCQzA4SEMtMVQtRjBVOA==&google_push=AXcoOmQZCww8Oox21C-p_qXoEfVBCO4AZMvb0oE7FnwjRv7FR57hG4MTcHT9djV8Hyyi6-RUQHIYZSrqGo7c0umL1z4d3P-3nhRS
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBCQzA4SEMtMVQtRjBVOA==&google_push=AXcoOmQZCww8Oox21C-p_qXoEfVBCO4AZMvb0oE7FnwjRv7FR57hG4MTcHT9djV8Hyyi6-RUQHIYZSrqGo7c0umL1z4d3P-3nhRS
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
report
sync.teads.tv/um/ Frame D4FB
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPitdkTaAR0P...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmS0ZZi9aVr1Hmc_W3bidLHjd7yCzlERsO5P3WUoNRxd3RG0fJ7WASYJzupDDyom2zqHkbB0ZevgD1FtNPVyLm3SHcSwTymI
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Thu, 23 Nov 2023 15:11:40 GMT
pragma
no-cache
date
Thu, 23 Nov 2023 15:11:40 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame D4FB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lq7seuqeSm-5CVp-zy1dgDq1TvgfCBSiYWvRpyg_Qscqw7sZ88f_Q87GNz-DtL8ZeZoZQHYA
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/6011597790579686621/ Frame 6B36 		160 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6011597790579686621/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be55fb86a6ce047ebd1b240fcb8242819b7c0a511720c3496171b8bd30a6c0f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
504972
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
24560
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 18:55:28 GMT
expires
Sat, 16 Nov 2024 18:55:28 GMT
last-modified
Wed, 08 Nov 2023 11:56:50 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 6A20 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstIU1FClJvvsY1nm2X6hER2aLfsajdB2496fQtjdEw_IwNf9R7ZS_JwVHUGv2yFXcB-UWacZvOZtDU9zKBvBcaZOxmFPt0eJ8h8NB6y58rBKbX6XFD59Q6ijhSu1RaCPDL33V6-Eefn6SCbdtBqqp2r_k_lAqVoL6oSkerOq4V0E2RwEbuQrV1PbZxRL3tUM6e4pisbqnwAzDhKCDzBlTlpiUaCbf_o3FWmoPf2B7QcDU0LR95gHvohRvNWQ0wCw_oIn82gWUVLTqy7hzedIKFNTKnLIrNLVeuYoXEhlaYePjUyFyWZCCJCA8W9O9l8xFL1O2fHExywkAKnrEgTAra5vjS-aLpUnsHB0wmVDLGCyvUjQw9BcOdsBxsyX6Xh9qLujBuZt_M4XLNUNiu-0pWSnpSArgy4jl8KYcql55JKrFeOxdTi7jGars2sguoIL4DrKF5p01R9Yb2czphB2KBxgpPolPKH9VbC_b42fhYKjNTszuH36XXAQcawLT5vd01K1euHDUhWYlNTEdGnQnc6x8ZGdpjhD8LTVGBsk1N849MeR1F4PA0_4OzKL3ClyWJGszt6hkzcRs5mOqHWWeNQDpyxUhzwK-QAvPxMA-wejaXWIV_i1ywrZKGJvNlykUABBOfEsfbAOAUTuTSgNf_vDcMc5xvu_B2-09znEU2Sqpv7i2oWXAocgE0GRrcww8OqJgChY0fc3rxa8hgmjmO6upfO1QM1i14MU9iF0eA3ardKKgld6tO_FsjmItGoNqhBA_vURYiqFDYsVLCtahaagJDOi6evAHXiY4p6VwTc589T36cgB_zFsHunRyfav_0zoLH-HTONzIzKUwPQQpAac1xSwPuRO9h41cqqALfowGRzt6VmZW7Qu3euWwWQqWUnqaXhZzFCKxG3s28JkEx6gCGRHZxt3tUlbNwLpG3SVnNKIo6M4ybyRh1KsltdWDOcHdCVYuTmGtozGYealXT7T1NanLssOKpk1bcZywGJf0OQGsz71OUH-8qeUtCWn41lPz175RtaBO1olRIW342XKPfDLuhkb8ir938IWl2TsUA47IsLjW_ZsGPhtqTHpoh8g2JN7W-Nna_tlJbr9V8jc0KKsEM9l9-ReB5WDLad1EYEDuzVA3iHdaNlXtOHJdmzPWbW66AFdL8S92R0n-HSMUK48O1ltFKCQ6Xqc_igtH5gV0CvUQ-lyxThTpggq_Nha1f1DZ0sIMO5llmy66yA1AhDz_KA4C8ZZ72KH5uwQH1JZwSsNYtka2fI-ANiZBGVAP8FJVzk9T7J5B9T6s75cfG-VUuMZ8b8OsS0_Sg6HSrxofYP3XHHWVa7WcYUVusvwkuTeG3djtlrN9j23xBzB8YPKoQo58l__9eiC9Ey47X3X-fPwVmcyROkLBf3L9paanGEaz-qCnzDyzBgKqaD6J4nfj86xpn-8Xd9pOf1Lz65CmiaacN5o8mYCdll1mEcTnRA0OG23of-dml-cNJDMvyzhAeuUJJHVk11OA5wxJiYFGKfPU3OZ6EpBY0HvKYqeBOEAMIFVreygGpKakxnhhf4sNw7n9ngAb2HcbAe8NkfZlmv1cPn1kxBGg&sai=AMfl-YSoa8pBbhq90wg2lurZAMnYA51K-bnUhB32SkpdW4LRsWu3Y---e1YaUHqBCHpg-LKS46dZgi3iUPVsN5RxsY7OILHcyxL3uNTyPK29yIF9r1b3PymQmzclBuvvjAu4H_bqES8sXxUrJrNm4r355NYxN0Mk-5dGxFnunaig7PcPWwbt9_2ZcvOiHoGSJQLPZXDpo6HBaq0v5baKrfsS_E7xi8BTHJffY-gkKFPcrBkORUnuPJcAvI7vfEc5dR0vbXVPCWDnnFjQ3MZq5zMrq8zd9hdPLyhHjzX1Jxw6rEDfrPXNTCg-aFSOJPCfJFn-djkpJC707dDa-0zt0Po0ctADYlfkWD3732qm2PmC5bCXqnIsnVZJzEPiY6eV6rnhEs4ttPLVXhvVtZEaLBZkZzSlBuBbUUrDfxBoAgouHs7o6h3mggSx&sig=Cg0ArKJSzADSPjsPA4nMEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly90dWkuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=98&cbvp=1&cstd=95&cisv=r20231109.89228&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 23 Nov 2023 15:11:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 7645
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHIcqtjVmYdwdl13qmz019Y&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHIcqtjVmYdwdl13qmz019Y&google_cver=1&C=1
43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHIcqtjVmYdwdl13qmz019Y&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYj6nd_QEwAQ&v=APEucNU78gV3zg_3MVfIo7ZFn95bxDknNKWQfT2zfrKbTOMh6CbWPvZ_JYvdw2x2IVmjRMqzZt1sije8UAip6UZ0LToiLla5cmuM7I_NonDqViBlbNm7OYwJ0dz7p3VMIAkSlOiJ707DlFsRDXRdvhHjMGKCRYQRFO0H5ys-WSBFIKrWvGlJ63Q
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4Kus9aAkBvvjkTz3%2BKLs%2FkEiSu1jB1qYicY9VTlU4AQ9Wjm1BmqgtkuIlgITIZfX21ozaZjgshY1o8v4uJXBNO3fcfMHocPwFZ5ON9RwNd7isXR7xj8Qe6otbAXHQohXxZz9rZRI3%2FQXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82aa5897acab92ab-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcG5qdYXKvhL6v3Fyxevbu0LMVzIqbgcYK1%2BfVlTXyq5t16LrtWQN8fRuy2uN69Q2QQBv91Jf6Y4uIay5lg0YUUhwaMbvnRjZjlDNzy8n%2BldJd9jtmUIl1NwnMXWsKv6Vsmx2119eKLmUA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEHIcqtjVmYdwdl13qmz019Y&google_cver=1&C=1
cache-control
no-cache
cf-ray
82aa58976c4c92ab-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 7645
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV9rrGIUNkZJLd0s5LYUhQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHIcqtjVmYdwdl13qmz019Y&google_cver=1
43 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHIcqtjVmYdwdl13qmz019Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYj6nd_QEwAQ&v=APEucNU78gV3zg_3MVfIo7ZFn95bxDknNKWQfT2zfrKbTOMh6CbWPvZ_JYvdw2x2IVmjRMqzZt1sije8UAip6UZ0LToiLla5cmuM7I_NonDqViBlbNm7OYwJ0dz7p3VMIAkSlOiJ707DlFsRDXRdvhHjMGKCRYQRFO0H5ys-WSBFIKrWvGlJ63Q
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FNIGkJcP4laaN3ozpGdZyVyN23jwtI8ndESWXykAQCvB5nmDRKvL%2BMaeZBpE4Sqq9nS%2FedDDepJ7uraEK8p3yz3gBfetkcEiorkm5%2B%2FMayrJ0ZYNjepFhjLsNlkQYfx%2BQwBpdUmjcAInQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82aa58980b113a90-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHIcqtjVmYdwdl13qmz019Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 7645
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMrupey1Y6kU_thq6QSMvU0&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMrupey1Y6kU_thq6QSMvU0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYj6nd_QEwAQ&v=APEucNU78gV3zg_3MVfIo7ZFn95bxDknNKWQfT2zfrKbTOMh6CbWPvZ_JYvdw2x2IVmjRMqzZt1sije8UAip6UZ0LToiLla5cmuM7I_NonDqViBlbNm7OYwJ0dz7p3VMIAkSlOiJ707DlFsRDXRdvhHjMGKCRYQRFO0H5ys-WSBFIKrWvGlJ63Q
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:40 GMT
an-x-request-uuid
cc3bc59c-61a3-4771-bc1f-c700a5cfd384
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.75; 45.141.152.75; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMrupey1Y6kU_thq6QSMvU0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7645
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA5NTMwNzA3NDU4NTI3MDYyNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA5NTMwNzA3NDU4NTI3MDYyNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYj6nd_QEwAQ&v=APEucNU78gV3zg_3MVfIo7ZFn95bxDknNKWQfT2zfrKbTOMh6CbWPvZ_JYvdw2x2IVmjRMqzZt1sije8UAip6UZ0LToiLla5cmuM7I_NonDqViBlbNm7OYwJ0dz7p3VMIAkSlOiJ707DlFsRDXRdvhHjMGKCRYQRFO0H5ys-WSBFIKrWvGlJ63Q
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:40 GMT
an-x-request-uuid
6c2014f3-8574-4a24-b952-0a30ade353b3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA5NTMwNzA3NDU4NTI3MDYyNw%3D%3D
x-proxy-origin
45.141.152.75; 45.141.152.75; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 4D1C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 23:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
143412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Nov 2024 23:21:28 GMT
B31010033.381688403;sz=0x0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_tdv=1;dcmt=text%2Fxml;dc_sdk_apis=7;dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;dc_mpos=[BREAKPOSITION];ltd=;d...
ad.doubleclick.net/ddm/pfadx/N1252192.4901780PUBPROGRVIDEO_OT/ Frame 04EB 		27 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/pfadx/N1252192.4901780PUBPROGRVIDEO_OT/B31010033.381688403;sz=0x0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_tdv=1;dcmt=text%2Fxml;dc_sdk_apis=7;dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;dc_mpos=[BREAKPOSITION];ltd=;dc_osd=2;dc_frm=2;vis=1;dc_sdr=1;dc_sdkv=h.0.0.0;dc_sdki=445;dc_eid=420706098%2C44752538%2C44807614%2C44807615%2C75259414;nel=0;ord=385644820
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
83c11304073be20684fde0d9c0e334a56cbe6f261d4f64fe30718eb7cef1eb21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14929
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame 6B36 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6011597790579686621/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6011597790579686621/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 17:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79542
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Nov 2023 17:05:58 GMT
view
ad.doubleclick.net/pcs/ Frame 6A20 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstIU1FClJvvsY1nm2X6hER2aLfsajdB2496fQtjdEw_IwNf9R7ZS_JwVHUGv2yFXcB-UWacZvOZtDU9zKBvBcaZOxmFPt0eJ8h8NB6y58rBKbX6XFD59Q6ijhSu1RaCPDL33V6-Eefn6SCbdtBqqp2r_k_lAqVoL6oSkerOq4V0E2RwEbuQrV1PbZxRL3tUM6e4pisbqnwAzDhKCDzBlTlpiUaCbf_o3FWmoPf2B7QcDU0LR95gHvohRvNWQ0wCw_oIn82gWUVLTqy7hzedIKFNTKnLIrNLVeuYoXEhlaYePjUyFyWZCCJCA8W9O9l8xFL1O2fHExywkAKnrEgTAra5vjS-aLpUnsHB0wmVDLGCyvUjQw9BcOdsBxsyX6Xh9qLujBuZt_M4XLNUNiu-0pWSnpSArgy4jl8KYcql55JKrFeOxdTi7jGars2sguoIL4DrKF5p01R9Yb2czphB2KBxgpPolPKH9VbC_b42fhYKjNTszuH36XXAQcawLT5vd01K1euHDUhWYlNTEdGnQnc6x8ZGdpjhD8LTVGBsk1N849MeR1F4PA0_4OzKL3ClyWJGszt6hkzcRs5mOqHWWeNQDpyxUhzwK-QAvPxMA-wejaXWIV_i1ywrZKGJvNlykUABBOfEsfbAOAUTuTSgNf_vDcMc5xvu_B2-09znEU2Sqpv7i2oWXAocgE0GRrcww8OqJgChY0fc3rxa8hgmjmO6upfO1QM1i14MU9iF0eA3ardKKgld6tO_FsjmItGoNqhBA_vURYiqFDYsVLCtahaagJDOi6evAHXiY4p6VwTc589T36cgB_zFsHunRyfav_0zoLH-HTONzIzKUwPQQpAac1xSwPuRO9h41cqqALfowGRzt6VmZW7Qu3euWwWQqWUnqaXhZzFCKxG3s28JkEx6gCGRHZxt3tUlbNwLpG3SVnNKIo6M4ybyRh1KsltdWDOcHdCVYuTmGtozGYealXT7T1NanLssOKpk1bcZywGJf0OQGsz71OUH-8qeUtCWn41lPz175RtaBO1olRIW342XKPfDLuhkb8ir938IWl2TsUA47IsLjW_ZsGPhtqTHpoh8g2JN7W-Nna_tlJbr9V8jc0KKsEM9l9-ReB5WDLad1EYEDuzVA3iHdaNlXtOHJdmzPWbW66AFdL8S92R0n-HSMUK48O1ltFKCQ6Xqc_igtH5gV0CvUQ-lyxThTpggq_Nha1f1DZ0sIMO5llmy66yA1AhDz_KA4C8ZZ72KH5uwQH1JZwSsNYtka2fI-ANiZBGVAP8FJVzk9T7J5B9T6s75cfG-VUuMZ8b8OsS0_Sg6HSrxofYP3XHHWVa7WcYUVusvwkuTeG3djtlrN9j23xBzB8YPKoQo58l__9eiC9Ey47X3X-fPwVmcyROkLBf3L9paanGEaz-qCnzDyzBgKqaD6J4nfj86xpn-8Xd9pOf1Lz65CmiaacN5o8mYCdll1mEcTnRA0OG23of-dml-cNJDMvyzhAeuUJJHVk11OA5wxJiYFGKfPU3OZ6EpBY0HvKYqeBOEAMIFVreygGpKakxnhhf4sNw7n9ngAb2HcbAe8NkfZlmv1cPn1kxBGg&sai=AMfl-YSoa8pBbhq90wg2lurZAMnYA51K-bnUhB32SkpdW4LRsWu3Y---e1YaUHqBCHpg-LKS46dZgi3iUPVsN5RxsY7OILHcyxL3uNTyPK29yIF9r1b3PymQmzclBuvvjAu4H_bqES8sXxUrJrNm4r355NYxN0Mk-5dGxFnunaig7PcPWwbt9_2ZcvOiHoGSJQLPZXDpo6HBaq0v5baKrfsS_E7xi8BTHJffY-gkKFPcrBkORUnuPJcAvI7vfEc5dR0vbXVPCWDnnFjQ3MZq5zMrq8zd9hdPLyhHjzX1Jxw6rEDfrPXNTCg-aFSOJPCfJFn-djkpJC707dDa-0zt0Po0ctADYlfkWD3732qm2PmC5bCXqnIsnVZJzEPiY6eV6rnhEs4ttPLVXhvVtZEaLBZkZzSlBuBbUUrDfxBoAgouHs7o6h3mggSx&sig=Cg0ArKJSzADSPjsPA4nMEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly90dWkuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=196&vt=11&dtpt=98&dett=3&cstd=95&cisv=r20231109.89228&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
csi
csi.gstatic.com/ Frame 04EB 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lpbc09cz&c=2309331669982&slotId=1154665834991&qqid=CKu4m4W02oIDFTJh5godFmgKHA&fb=outstream-lima&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 04EB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 15:11:40 GMT
file.mp4
r3---sn-4g5lznez.c.2mdn.net/videoplayback/id/a8e44b2ad166d4fe/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3844999464/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 04EB
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/a8e44b2ad166d4fe/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3844999464/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r5---sn-4g5lznez.c.2mdn.net/videoplayback/id/a8e44b2ad166d4fe/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3844999464/sparams/acao,ctier,expire,id,ip,ipbits,ita...
  • https://r3---sn-4g5lznez.c.2mdn.net/videoplayback/id/a8e44b2ad166d4fe/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3844999464/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5lznez.c.2mdn.net/videoplayback/id/a8e44b2ad166d4fe/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3844999464/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/305D38108F8566BBD69DB9F6D164C4A972B58C3D.591C4FFE09F9A00550A97B210A36A768186FA839/key/cms1/cms_redirect/yes/mh/cA/mip/2001:ac8:20:3a00:1012:57e0:9325:a4a4/mm/42/mn/sn-4g5lznez/ms/onc/mt/1700751425/mv/m/mvi/5/pl/50/ir/1/rr/46/file/file.mp4
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:11::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 15:11:40 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4315689
Last-Modified
Tue, 21 Nov 2023 07:23:27 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Thu, 23 Nov 2023 15:11:40 GMT

Redirect headers

Date
Thu, 23 Nov 2023 15:11:40 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/html
Location
https://r3---sn-4g5lznez.c.2mdn.net/videoplayback/id/a8e44b2ad166d4fe/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3844999464/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/305D38108F8566BBD69DB9F6D164C4A972B58C3D.591C4FFE09F9A00550A97B210A36A768186FA839/key/cms1/cms_redirect/yes/mh/cA/mip/2001:ac8:20:3a00:1012:57e0:9325:a4a4/mm/42/mn/sn-4g5lznez/ms/onc/mt/1700751425/mv/m/mvi/5/pl/50/ir/1/rr/46/file/file.mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=900
Access-Control-Allow-Credentials
true
Connection
close
Timing-Allow-Origin
null
Content-Length
0
Expires
Thu, 23 Nov 2023 15:11:40 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 1EAA 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
479887
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 01:53:33 GMT
expires
Sun, 17 Nov 2024 01:53:33 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 1EAA 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 23:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
143412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Nov 2024 23:21:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D1C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BlDivrGtfZevyCZaMtwfs6aPwCQAAAAA4AeAEAg&bg=!kJOlk9zNAAZxrfrxUa07ADQBe5WfOIPLItXO-4uBHosZ7qkWfsXRYS88mwfrOUzI8NIofYAGoltX5fDFL8FFvHjZthSiAgAAAHFSAAAAAmgBB5kC-pbOIMDhOYXC9b9gfMxy0HdjBA1Z3muzLQIJ2A3dApay7c0HSWzx-oaDvlmTTSlfVukXYsFgaVvJaq2Kk-9KGkiq7FmGrPhzih_g1VxmQJmPWFIXbOK6DSFpItJEvTJbU4zjL5F0ISUtwvhcEsC0EQFMKd0rFIlY001HtvkCppgontdHVaZ4XQUMTunrGSoNlvzdwi1iSf9Nrx_Oi7uWJmc3rKuTRF6_Wivw5d4ywAn7HUxJzDW3MLg__eUapOuj_tbM6OyhTuty0QDOf-8d-a7yRIPZyX4FrJ6W_klmhU2Cgs4VzdJwnvf1nxunxijTKfm6Kf0ZinVpSwcl7eHmemxQ2JFDDi9EDs11Lf7_bQyKTN3-BTNWak5fnGP17LC6lKiJu6B4oK6I0Mo_uXsDwSbYITD2zvBgkGzu674DbPhS2eRvnhyc8kFwpdfIv3OiOI3I_FUl0mupGmiJsX_w0IfdzZiAbDZSk4w9H1zd6ND2rB3sQPfLVsx5aQZPpKNahLU8HJSxvOlJn6eGCo3e8pGHftoB6I1yoXxP-z139nHr0nmDhQskmP8OiNJOhzAtJ9VHZP_Vmqlo1fhni2V2J4zjfvT1G5mFFwruxc2H8vArpzQfwgLlgewz6MRruU34TmAoXS3nPVHoApk5eMDJLGtOlro2HcanZdy2RU5b1rdO3Ggjj2Ar68hdOK3NoeMVfZkZY3Xo_Af7hM0o7ZQMKd9v8miaBAhSYQAxaaoAlMPmjUc8lyALAONXITA8V9YUsj6oNrcZRcAdqFS3K23jG3ZS9j5sIu1fzpgm_EsmAyRQNLqelnYtD-W7P_seAzalrydA6xZcaisOWvi1-5LqQeECZqNBBRBftSYuFfMGhj9hljiZH4b_hmrC7hJXFle9Pt8JTsvSmfZGHuSorxrAq2eHqsWZvfHssOf6L9bohIriqT1A1YueThpoq-s6-ODof4MeWjps_3s6Q5H14opR06uaEYOHJadz4qOOjpl_EvCu9lf6NyaqZKgM0g
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 04EB 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lpbc0a1u&c=2309331669982&slotId=1154665834991&qqid=CKu4m4W02oIDFTJh5godFmgKHA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2093&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.15u&ua_e=1&ape=1&ple=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1EAA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BmzlErGtfZaKDLPbox_APpriksAYAAAAAOAHgBAI&bg=!0tGl0Z7NAAZxrfrxUa07ADQBe5WfOMLHqODfaiSbfTTd341yB-0KLjDe6jqTbnaHa9So7lm1uYPAsh0_iuhngaYJF6EDAgAAAFJSAAAAAmgBBwoAez3kzmmDdKwofQX-LOQU160_dplDeL4n5ivjZfa1KbvDRNvVGRLiV0R4sknImYeO3PPQDKgl4xbyU_EnIzzj_MIA0FGD633pzb0OuCP0Xte00UisRIniWrq3ESSVgSfcNJF0lWaLBfbyicjrWKXAaQzpCT08MP2ah8AB35kDBVvhsqAM3bx-sESevF3NaK4WC74wd3By0pOGJH0NvsaHNZKYZrWR8Q5SnRxrnCTd9j0cdL8Vuae7OP0Y7EKiVfYSuaGB0qsEHGVdf9TrKis5cGbd92b7W_SXliP07j2Hf1OLctaQwzT4aKVokTFB2qVOqW_4arXyIStJsc3E_WEmG5az5uRxlhZB55hW4RDjOBzlgFUwhBKSBpK8md9WmBKTxI_KVULfVN31fvLJza7vhqiSiNxCeghdtoQMxkWj5YXwuaDVeiLS1SEyij8muf2Njwcdx4VSvJhs4mi-pifzLMsWMpRzdd9o4QT7ADbvuRSj6RKaoVTebWUyJPWmX82rgi_AQ08iAlJPTWHfWO47T4n8saLZwokWVlTL7QsXN9vg07pXP-DUh-wtjOwz0zd2ydb0IV9loQv1aqE8GloTW_1jN7hijP3XO0VKLCMkcwTECeMEqWzVkN5LTCrXrq3xOCMqxTlbPmGTRPRMTL0gUh6Ifd2t_kh38NNoSDz78q-9SkdhH72hPbaA1z_cfytU3S1u6bM9FWrTYJV6iwngKS_Xf4W13AMZWp2d0FZpZjmAakBxN3EY9Nlx5Yb6092EsAGcdnh5-BFGeQuFlhfRGHP2kTUgOHs09bdO6foTDJuaHNCG59HGdKwIA1pywzXF0X-OpL00mIHSEP_KObFiEbSPKsQ9cpfzJGxIpJuGklQI0IJUvmMTmAHYD2ni49kP0XS_JBjsKY84aGQVp4jPpcUlem6X2uRP94RufXyj0vK0BFeYx5bcRNirg1O408BX2iYqnKTx9L2B8iwlT7OVjitZnIPmhy7q4FAjOL2rmn8V9Z7G6c997Mpf2BvxsL0uzesgdY4dGUzEVGiVUKc4iO1HJ54oBMVlfcniUFfqbCV3d_YFqYc_VubuPc7Ch3eLpnUb3VRVzM68CyHAY74cr-stS_CBNK5xog1r-D5Sd_FA1BwO4eqwJPk61GHf-3J90nNfHXG5pAD_dZA02Htn1pCv0-WLuiyGbDrU9_T9ch8Rqy32
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r3---sn-4g5lznez.c.2mdn.net/videoplayback/id/a8e44b2ad166d4fe/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3844999464/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 04EB 		767 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5lznez.c.2mdn.net/videoplayback/id/a8e44b2ad166d4fe/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3844999464/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/305D38108F8566BBD69DB9F6D164C4A972B58C3D.591C4FFE09F9A00550A97B210A36A768186FA839/key/cms1/cms_redirect/yes/mh/cA/mip/2001:ac8:20:3a00:1012:57e0:9325:a4a4/mm/42/mn/sn-4g5lznez/ms/onc/mt/1700751425/mv/m/mvi/5/pl/50/ir/1/rr/46/file/file.mp4
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:11::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range
bytes=0-

Response headers

expires
Thu, 23 Nov 2023 15:11:41 GMT
date
Thu, 23 Nov 2023 15:11:41 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-4315688/4315689
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4315689
last-modified
Tue, 21 Nov 2023 07:23:27 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
client-protocol
quic
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9650c9340f09ad312af51509d7d57daa3f04348e9d55cc1f274e2c177d04812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12212
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 15:11:41 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7747 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9941
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 12:26:00 GMT
expires
Fri, 22 Nov 2024 12:26:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1388 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3ad320c0d8a23bc10fc0476ff56522374e4accdd588f4e34234bcc54c5a098f1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cV5Q63_b-1pwU8iG3cDYrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-cV5Q63_b-1pwU8iG3cDYrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 15:11:41 GMT
expires
Thu, 23 Nov 2023 15:11:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Nov 2023 15:11:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1388 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=2603953397491756&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 7747 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 23:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
143413
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Nov 2024 23:21:28 GMT
syncframe
gum.criteo.com/ Frame 0378 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gmanetwork.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 15:11:41 GMT
server
Kestrel
server-processing-duration-in-ticks
787712
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Nov 2023 15:11:41 GMT
sid
mug.criteo.com/ Frame 0378
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gmanetwork.com&sn=ChromeSyncframe&so=3&topUrl=www.gmanetwork.com&bundle=AcNcvF9XSFdLOUZLRUIzOGZuODJadm5PcWV6aUJLWTNia1liSCUyRnY1NTJpZ2F6dk...
  • https://mug.criteo.com/sid?cpp=V6g9e3w4NGNXaWFySDI5eTNnMG96QjdzbTFvcEI2VHVEOWp2VkRaZGdzbkJTdXFaZ092K0FRdHBKVFhpTU9OOEtNa2ZvRHpkYjVpRWxGRVh4L1VBNkgyNGI3NDhabmxZZDlrSnBoZDJPT3ZyS2VFTHpwNDZkYTBiSkgxbU...
425 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=V6g9e3w4NGNXaWFySDI5eTNnMG96QjdzbTFvcEI2VHVEOWp2VkRaZGdzbkJTdXFaZ092K0FRdHBKVFhpTU9OOEtNa2ZvRHpkYjVpRWxGRVh4L1VBNkgyNGI3NDhabmxZZDlrSnBoZDJPT3ZyS2VFTHpwNDZkYTBiSkgxbUNpMVh2OGsxTG85cTJ6NFJlZTZLSk9Hd3RHT3YrREd2ZnBOK0tnTHRXR1pZWjlJWWN5Nm1EUDJkWWxZR2VBbGhpMHVIcWxob1d6RkQydE05VjNCVzRNaktQSTFMUDRDUkFNaFdkN0JPK2hxbEo2aDdmY0RYNWduNWJPNENXTmZLSWt6RHgvNUJ6d1M4enY2Qk02MjRNVG9ZWFpvR2lKeFJMblM5UkYvaEsyTU1PZTM0VnEzVT18&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
144eca176c160376faa7cf44f629e5d837adf52dc98e9ad1d52ce9e01918d200
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:40 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
975238
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=V6g9e3w4NGNXaWFySDI5eTNnMG96QjdzbTFvcEI2VHVEOWp2VkRaZGdzbkJTdXFaZ092K0FRdHBKVFhpTU9OOEtNa2ZvRHpkYjVpRWxGRVh4L1VBNkgyNGI3NDhabmxZZDlrSnBoZDJPT3ZyS2VFTHpwNDZkYTBiSkgxbUNpMVh2OGsxTG85cTJ6NFJlZTZLSk9Hd3RHT3YrREd2ZnBOK0tnTHRXR1pZWjlJWWN5Nm1EUDJkWWxZR2VBbGhpMHVIcWxob1d6RkQydE05VjNCVzRNaktQSTFMUDRDUkFNaFdkN0JPK2hxbEo2aDdmY0RYNWduNWJPNENXTmZLSWt6RHgvNUJ6d1M4enY2Qk02MjRNVG9ZWFpvR2lKeFJMblM5UkYvaEsyTU1PZTM0VnEzVT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
293187
content-length
0
expires
0
generate_204
tpc.googlesyndication.com/ Frame 7747 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?yXaMdQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2603953397491756&correlator=728531837019179&eid=31078016%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=21751243814%3A344684475%2C179580-970-90-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C728x90&fluid=height&ifi=8&didk=4118590880&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Da6b015e9e1a15ea8%3AT%3D1700752298%3ART%3D1700752298%3AS%3DALNI_Mai8vBK9srJ6gQro_as2vCV2uyTIw&gpic=UID%3D00000ce01c38806a%3AT%3D1700752298%3ART%3D1700752298%3AS%3DALNI_MaVPMhF6aL8bF4H78CRrvAI4zSlVA&abxe=1&dt=1700752302106&lmt=1700752302&adxs=315&adys=69&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.gmanetwork.com%2F&vis=1&psz=970x0&msz=970x0&fws=4&ohw=970&ga_vid=1264207553.1700752298&ga_sid=1700752298&ga_hid=885053129&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YmqDy5b8xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiMovLlvzFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBiaoPLlvzFIAFICCGQSGQoKcHViY2lkLm9yZxi7ofLlvzFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YmqDy5b8xSABSAghkEj4KBW9wZW54EixleUpwSWpvaVVHVTFVVFZqZG1oUlkxZHFVMFpUTUc1T2VVbFVRVDA5SW4wPRjopPLlvzFIAA..&dlt=1700752296380&idt=1596&prev_scp=adunit%3Ddiv_desktop_leaderboard%26prebidtrue%3D0%26hb_width%3D970%26hb_height%3D90%26active%3D1%26andbeyondhijack%3D0%26andbeyondunfilled%3D1%26visible%3D0%26refresh1%3D1%26activevisible%3D1%26refreshtype%3Dnone%26amznbid%3D2%26amznp%3D2%26adl_dis%3D-1%26hb_format_criteointl%3Damp%26hb_size_criteointl%3D728x90%26hb_pb_criteointl%3D0.09%26hb_adid_criteointl%3D11305af88852be6e%26hb_bidder_criteointl%3Dcriteointl%26hb_format_adpone%3Dbanner%26hb_size_adpone%3D0x0%26hb_pb_adpone%3D0.02%26hb_adid_adpone%3D1118004be3a435f5%26hb_bidder_adpone%3Dadpone%26hb_size%3D728x90%26hb_format%3Damp%26hb_pb%3D0.09%26rtb_pb%3D0.09%26hb_adid%3D11305af88852be6e%26hb_bidder%3Dcriteointl&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_download%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26gs_cat%3Dgl_english%252Cgb_safe_from_high%252Cgs_busfin%252Cgt_mixed%252Cgb_spam_high_med%252Cgb_spam_high_med_low%252Cgt_negative_mistrust%252Cgs_tech%252Cgs_tech_compute%252Cgs_tech_compute_net%252Cgs_tech_compute_net_email%252Cgs_busfin_business_marketing%252Cgs_busfin_business%252Cgs_busfin_indus%252Cgs_busfin_indus_advertising%252Cgs_personalfin%252Cgs_personalfin_utility%252Cgs_personalfin_utility_phone%252Cgt_positive_pleasure%26adl_ok%3D1&adks=2355608864&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad897e755d66db39445044cf4cf55b648f5eeee70d99acb97b020f896adf239f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:42 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12950
x-xss-protection
0
google-lineitem-id
5017562797
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138265713372
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=2603953397491756&bg=!g4ClgM_NAAZxrfrxUa07ADQBe5WfOJPQxvRbHYyXl-PnWfX2aJ8jrvyiIxdvKt6EJoO561rIN3BtULIJzOoD_G2_QfTTAgAAAElSAAAAC2gBBwoAgq-XqWpsRh8oDuXF8Bm1hG8iS6PhxBJSj6C2QXcsQNUUVqgXsoXgw0Ip-DOS8ur8nR5nS18ZruNBAEFhYemoy0pd4hODHmiuI--3jl2CYywh_t0uTeS-5A7-vfd58Z8wDN7ItN8R8M_H3ThtFbbeZxhWPYAsZz4F0XymjT0L2MI9c0mZAsMvkLKvuG-dMr6HWCM6M8mQaGWd9tU5le2ZId7aVdIxbGkmmHe6XLBI6MbFYygWCfr8GENY4tjmtW6auOnnd4HbJHkyBqYsAScLdKjYxO53u3CrwcITvjTZbLnoF151Gj4vSJQ1PvKad_28niLnud3v16RO8hsSbZhcQQ0jqZA5dL-7-rMFnKYY49gnV2AsMIUVmWjotgSMP6UUtiEZR6EpEem7MUH0omQ-w08D6UaCsGWO5RqPuCMztdBEUHgfxn61pderbX7uH4G2SnZ0O3y-E8rFkoZcKDySAPeFHOfCCx54OPPEcc1l7KvdVcTBxWqHU9Q7nqy6Qd0I9Xyc5AGCfcY1gL3K4JlBPpZ8ESyJX0MQNK614mtTsEF3qBRRGwgodiUbf_0NLXrcP4QwCLdCXmNSgmfcnqfHOTt8ImI2h85PW6ORed8Jv7WISOdhFWA7PO6ZGUr_NUuGDaiMGguQs67Qr7FRYxEzY_VdimU2pgp-wi2oNiB6j1MkxbFl35KKdkWb3c4DpTYtz7h1rhxnzGWm7bi4Y68akafMvN_SxAWVJ3Xu7EZudGrT8sc4kj5kzds3hQUIEAxnDaQiFMf6Flkq7wwW71O9aj26YuNSkrq0JHZSLa_2DnC6chcleos46eazqNbrzHgUPlrEvKgRTJiADWLOd2M4o3TY85ykJrMsJ6mrUKF0YG9gno-xwA2cruHZmTfsr_xiVwjKQynT_Ej_rcjN1wjm_IJwbL95vMaM8hdMhbZ-kJJYzGiccjzh2aHjqYylgoDeVNsSHSN9nWoFNQtQg8P8F7HLJAsxhvcYVHp8icDaVlTctra5HUJnKY7Aoqk4CjSSWZDVJStleCoD1hknVDnk0ptSrs8FWb_I1zOro74LP6kjlN3S7DyvdZTkjGo-hB4u2_xRqsn1p30nUO9R_vmkf8V8Z9VmyLbiTw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
container.html
5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FA9C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 15:11:38 GMT
expires
Fri, 22 Nov 2024 15:11:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame FA9C 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 10:09:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
190939
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Nov 2024 10:09:23 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame FA9C 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
38996
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230086-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCvt%2BxXBEOBr1%2FAfSFHv4pwPLvQV9rOCbqTyVpIgnFoVqNFRLqgMGoPUKQzM38jEt4Tdg4Ki7r6rzXMb1PfeB%2F2k3abw32q4ki1uMX3R0tGDeX9DuIVlzgB7ewI3PRk3wcAAYxc1RnpCZyr5ve4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82aa58a2ac0a5d45-FRA
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame FA9C 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 15:11:42 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FA9C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxZYGvFesAjaBRqoT0Nrd06C0PWK50o8GgGVHgnpvAJ05sUlkiLNPHorFnBYq9Lui5_Eq2bGDkAxXbLj9zIQyZHwVu1JdQbkzKGNEBIQkuK71yk06jW6RbmZoMjKvh3gt3bGqBuqN9g09v-vbCvmHntEYvolDpH1L8y8HPTRTAtR4DTM_SLXwoPid1kQTscx3uIUBcOeaHMLKKf-EgRNndImoTI0ocQR4zQN1HhO-TOHm0s3w4UsB6rSobz_hbgrHBjeFPeM4cJ1ayrd5RyfSmKFwerSwYWkacXQ2KXE7DssjkUdQ5OBxPK15mxyalo8gusAFSyf1wSWDCAxDvqNf5btOG8V-SayuKCFwaXPXkklOtS2EKzQ&sai=AMfl-YTPN1HFli3zHk-pgykmmYVaoBvONPJ2niQu97yxpah4IcnCUyiiYADYlbMeuDlhzHJg9Ya0MYlDSfNQHWD0p-cphBUSrpCKMM5jE5ZtgffrmtcDpWaXgSNLT0fBu0c&sig=Cg0ArKJSzBqSWMKMszj-EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 8805 		54 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8a513e9310b41b8005dc6c8a479188d256e40e27e7f8e8497bc21405abe15f74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 15:11:42 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=y7are3C1fFocUGtTPQtSQsLELpWJYnEHOhiB4O2hRiVj5wHc1sZ8xhgpn4IYvKGC9wb8DNboBTFoQhrHCRomKP38kZh7jxyg8QlzUOFF76QJ3gqXto1JMoIVBnzGZ176aUZ8z4bJdmxZgpBrGiIQmxqKkwdXKYSz-j-mn0UmNEoykCgXzmim8lMO0byrFEjCVaxeDEyLp_stYXlbBdUhkFzy5OBhNDiluWzaf54Si6LfnYXDuOqQl824TEU"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
5042376
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
tpd
cat.nl3.eu.criteo.com/ Frame 0822 		43 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/tpd?dd=rPV_HF9jS0dlRjF4akFEMUtHYVlOc293RXJQbmliWkNUNGU5Z2NoeG5lNkd0dndJN2RpYjZtb05xMHZDc2FwTmgySmZXb0dQeTJIMXVsNm80ZEozWjFDVkVhR3QlMkJoQjVrNkFNUFNNYk0lMkJlakdPcyUyRndxRkhQSTdmcUJiUGd4SDN6Nld6YUNnMlFXMFpISnhhSmZzWFglMkJzT2p5NExEbjNqelZBM2VtNjlXeEh4MVczTmYxSVhUcmgwNTNJM0lsamY3bnpFYXMlMkZCRU9yRDUydHQlMkY2R2NZcm52MFlac2RlaVd2UVBybjVwYjBrR1dzekRIdmRwMVBKM0NKN0xEU1V4d2N5aXNCMm83NCUyQkpNeSUyRkRKR040Q2lGbXlBcVJKNUh0clB3S0hZRSUyQjM2SEklMkJMekNpZm1jZGZPQSUyRjZmZTVpVnZqWkdjbGV3eiUyQmxldGkzZSUyRkxhY0MxcCUyRmFHNGwyUVR0eGtZZHNRTGg2dllXb3hRcTJBNmMzaHpDc3ElMkYxckF0SSUyRk8lMkJORWZFUW0yeEt4dXR4TFF6eGNwMFo0S2NnSkVsRUF0OUl2bnpWQm1KZkolMkJxZXZBJTNE
Requested by
Host: 5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
URL: https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
192520
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
truncated
/ Frame FA9C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
412da37a2894962aa0215a328203b5f4b9b077983f81b3a746d0c64559b54c17

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 8805 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Nov 2024 15:11:42 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 8805 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Nov 2024 15:11:42 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 8805 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 17 Nov 2024 15:11:42 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 8805 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 17 Nov 2024 15:11:42 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 8805 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=fK0c9RrGQxpwhhx2-qYI_QTvk3RuP-OLlvsgCf4dIICv_TbLr6Je8XYXON9Q_hmKUC2kFySGr_YnrCn5UdZ-9-u_s131F46YxaBJHrtCDf_Tt48vxTiyQgYZTY8S4QpCvp4Eaacg7c6ZotfWb0xLw8ZSTtU03DFI9TqlTheTEFEC05naJbcI4AVV1CX-PtC8MaG1NmcmxAkTXzNIEyhQqhgCEm8Nrn9d6qwvfTtJ7ZfXWG-iH4BCI3UkJrGvseVoAJYtSDZPQvak8mSxFwgtS6_fgJPUEQduqPqvaRNV82gPwpUN5UE7pn_fOiXKbgFDybSSoO5oBzXX0aj_hnRbmvQE0dHY1xPBoNzAlW20rgf3DET3z1TchkdOkSt9VhiO_4ONZCU7xK_0SSn-YFaABkaZ_fi6UGVG6uCVjw_A1h_4ux0roZeQQ_z3HuTOfu3IqoK-cdoSa0F9Z6vUZ32nVDCM19M
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2012772
expires
Mon, 26 Jul 1997 05:00:00 GMT
ff3effe8d9cc462799be00bae826fd2c_image_ad_728x90.jpeg
static.criteo.net/design/dt/108178/4991264/ Frame 8805 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/108178/4991264/ff3effe8d9cc462799be00bae826fd2c_image_ad_728x90.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a552ff7640fb26c3d96b137019553bc57718c2b895fadeb35228971e325976df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Sep 2023 13:49:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"65158470-8197"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
33175
expires
Sun, 17 Nov 2024 15:11:42 GMT
dis.aspx
widget.nl3.eu.criteo.com/dis/ Frame 5A61 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=186190&cb=655f6bae82e6cbb100467eaf0f26d8be&r=https%3a%2f%2f5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com%2f&crossorigin=false
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
02478408a239ca6bc39381cf0fd8931b0ccbe63507acda5fbaaac4d4125de04f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Thu, 23 Nov 2023 15:11:41 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
2238342
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
vary
Accept-Encoding
all
csm.eu.criteo.net/ Frame 8805 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=y7are3C1fFocUGtTPQtSQsLELpWJYnEHOhiB4O2hRiVj5wHc1sZ8xhgpn4IYvKGC9wb8DNboBTFoQhrHCRomKP38kZh7jxyg8QlzUOFF76QJ3gqXto1JMoIVBnzGZ176aUZ8z4bJdmxZgpBrGiIQmxqKkwdXKYSz-j-mn0UmNEoykCgXzmim8lMO0byrFEjCVaxeDEyLp_stYXlbBdUhkFzy5OBhNDiluWzaf54Si6LfnYXDuOqQl824TEU&sds=2&rev=89278&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 15:11:42 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8805 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Nov 2024 15:11:42 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 8805 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Nov 2024 15:11:42 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 94FE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-gj2KscyNEPrsLnsI-fhaS2wBwXt5Zb-1KSth2g&google_cm&google_hm=ay1najJLc2N5TkVQcnNMbnNJLWZoYVMyd0J3WHQ1WmItM...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-gj2KscyNEPrsLnsI-fhaS2wBwXt5Zb-1KSth2g&google_gid=CAESEOs9l9fRfItlQ6pnuYRmiFc&google_cver=1&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-gj2KscyNEPrsLnsI-fhaS2wBwXt5Zb-1KSth2g&google_gid=CAESEOs9l9fRfItlQ6pnuYRmiFc&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
595590
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-gj2KscyNEPrsLnsI-fhaS2wBwXt5Zb-1KSth2g&google_gid=CAESEOs9l9fRfItlQ6pnuYRmiFc&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 94FE 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-HG9RWcyNEPrsLnsI-fhaS2wBwXs16qlfwjeU1Q&expires=30
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.92.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-92-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 94FE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1095307074585270627
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1095307074585270627
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1200232
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:42 GMT
an-x-request-uuid
a1614aeb-4778-40e8-b6d0-0a5f1e7d10e9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1095307074585270627
x-proxy-origin
45.141.152.75; 45.141.152.75; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 94FE 		53 B
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-cM1CZsyNEPrsLnsI-fhaS2wBwXs6aYHVx7nPsQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.156.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-156-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 23 Nov 2023 15:11:42 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Thu, 23 Nov 2023 15:11:42 GMT
tap.php
pixel.rubiconproject.com/ Frame 94FE 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-X1E0McyNEPrsLnsI-fhaS2wBwXuNH5k0j91O9Q&expires=30
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
rtb-csync.smartadserver.com/redir/ Frame 94FE 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-VgX1FMyNEPrsLnsI-fhaS2wBwXtY9CHx2vfldw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.146 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:42 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 94FE 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-quLn3syNEPrsLnsI-fhaS2wBwXs5pZG-hXvYwA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13401
um
criteo-sync.teads.tv/ Frame 94FE 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-Nl4BRMyNEPrsLnsI-fhaS2wBwXtOZAnhGHGfvw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Thu, 23 Nov 2023 15:11:42 GMT
pragma
no-cache
date
Thu, 23 Nov 2023 15:11:42 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 94FE 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-dhSRHcyNEPrsLnsI-fhaS2wBwXurft91cTDVzA&dongle=013b
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame 94FE 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-d5tuS8yNEPrsLnsI-fhaS2wBwXu9rO9PGZGCEQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame 94FE 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-sFFzusyNEPrsLnsI-fhaS2wBwXutyUK2Oq6vQg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:42 GMT
last-modified
Fri, 18 Nov 2022 14:41:46 GMT
server
nginx
accept-ranges
bytes
etag
"637799aa-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 94FE 		49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-IbIsjMyNEPrsLnsI-fhaS2wBwXsD88bLNxrrdw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.236.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-236-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:42 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
3
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
rum
r.casalemedia.com/ Frame 94FE 		43 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-66jrK8yNEPrsLnsI-fhaS2wBwXvJCYNPy6sa_A
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CxIm1IvwygLsV%2FNwjPVxx7JWSuUkuogcf7lB5SfwiD6uq%2BoLpExx2rC8C6n%2Bn2lkhFFJrE39Hq5khwEGrPBd6U11%2BXhpixjUWA%2BUKe0rh9BCf%2BPR5ndOWVq6nruWSRMNv4ak"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82aa58a4094792ab-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0
demconf.jpg
dpm.demdex.net/ Frame 94FE
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=EbTBdsfXdBLVV49AL1NN3ff9OQt0Vtj0
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=EbTBdsfXdBLVV49AL1NN3ff9OQt0Vtj0
42 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=EbTBdsfXdBLVV49AL1NN3ff9OQt0Vtj0
Protocol
H2
Server
52.50.106.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-106-246.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-00cd77fef.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Thu, 23 Nov 2023 15:11:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
mYNSw2wLRn8=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-1-v054-037a2ac12.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Thu, 23 Nov 2023 15:11:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
NKd/x4zsQmA=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=EbTBdsfXdBLVV49AL1NN3ff9OQt0Vtj0
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame 94FE 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k--uunIMyNEPrsLnsI-fhaS2wBwXs1Bo5-6uksvQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Thu, 23 Nov 2023 15:11:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ Frame 94FE 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-icXjOMyNEPrsLnsI-fhaS2wBwXuYOHEhoVbbJA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.195.247.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-247-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 15:11:42 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame 94FE 		42 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-aXyK58yNEPrsLnsI-fhaS2wBwXviWOaQRqYBoQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:42 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame 94FE 		0
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-EBFF78yNEPrsLnsI-fhaS2wBwXtzrYLj14y5kg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.209.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-209-232.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:42 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
1017
jadserve.postrelease.com/suid/ Frame 94FE 		43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-BGGb_syNEPrsLnsI-fhaS2wBwXuA8UcGp9tAzQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.59.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-59-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:43 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 94FE 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-fjw8xMyNEPrsLnsI-fhaS2wBwXtgvK5wdUoBqw&initiator=partner
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 15:11:43 GMT
Cache-Control
no-cache
X-TraceId
a359f50089b9e084b46b0850534e3ec9
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 94FE 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-3yX4bsyNEPrsLnsI-fhaS2wBwXsBJvqKuzBB_w
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 15:11:42 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel_sync
trends.revcontent.com/cm/ Frame 94FE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-qEcLTsyNEPrsLnsI-fhaS2wBwXvcpKG9Ed1uew
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.247.98.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-98-157.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
v1
match.sharethrough.com/sync/ Frame 94FE 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-uo2hZsyNEPrsLnsI-fhaS2wBwXvijbVWNIdWBA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.51.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-51-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:43 GMT
sync
criteo-partners.tremorhub.com/ Frame 94FE 		43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-EPq91cyNEPrsLnsI-fhaS2wBwXvihI_dsSzYbA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:daa9:3300:1f77:ca7c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Thu, 23 Nov 2023 15:11:43 GMT
server
nginx
content-type
image/gif
m
ad.yieldlab.net/ Frame 94FE 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-eX7yTMyNEPrsLnsI-fhaS2wBwXtOX-ekxeZ4Fw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:11:43 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Wed, 22 Nov 2023 15:11:43 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 94FE 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-zl4fy8yNEPrsLnsI-fhaS2wBwXuxamQ66gb9cw&pn_id=criteo&ext=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.96.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-96-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:43 GMT
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame FA9C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhSxFY9_6QGgjdzDlgxMP4O_N2heM4nRizgWdwflSy4PCkinbNgvhUHlpEodFUVLtnMn9C0dOi_bQGF21ejpbBcjx9r9DrbfssN7ml25qKYX2XVtqK6quP6JlXWTNKg8usJrEqnMtPJT9ArfEKT7CdIEmoXUQ19YJJuJiLAinRUr8s0sw5evuHYVnI3JrX8IzfDU8HUOnqNKYsbvU_Mjy_qvuwn3r70vBHMnz8098hcLUNWDG9OY6CWFzdw-ii2gwo2ejEKy-IC1ONNoa5Omfq-es1wKipoMOxXSEnwON1PDye3V_0SUM_elxYQAcjCCWSeg48raHNK6ppFd2LE9AAeXIXYRE8mT8XHt2S8iWMitfiVlD8VskD&sai=AMfl-YRW-9L-4nEvFyu4OIsRfTPAwvddxPTyvu1DAaWBWkeKBKN4bHwED7JAT9TVluIl6fGAbpR3Hm8vemsjl7O3DRrsc_9Nh2AFeFpHklInQ53WQcTZNMuScbEWRJPyA40&sig=Cg0ArKJSzNiR2oM0SI-VEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 23 Nov 2023 15:11:42 GMT
setuid
ib.adnxs.com/ Frame 94FE 		43 B
902 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-jyjYi8yNEPrsLnsI-fhaS2wBwXs5j-AjGhHlUw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:42 GMT
an-x-request-uuid
69af2edb-c581-4b9b-8dbb-145d4e1c5caf
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.75; 45.141.152.75; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58301/ Frame 94FE 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-d5tuS8yNEPrsLnsI-fhaS2wBwXu9rO9PGZGCEQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatch.gif
beacon.krxd.net/ Frame 94FE
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=GFJHGUzArl-zZ09fNlafDz6oJENj4QHX
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=GFJHGUzArl-zZ09fNlafDz6oJENj4QHX
Protocol
H2
Server
52.211.88.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-88-8.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by
beacon-n014-dub-prod.krxd.net
date
Thu, 23 Nov 2023 15:11:43 GMT
cache-control
private, no-cache, no-store
x-request-time
D=61 t=1700752303
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=GFJHGUzArl-zZ09fNlafDz6oJENj4QHX
date
Thu, 23 Nov 2023 15:11:42 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
693792
content-length
0
cs
s.thebrighttag.com/ Frame 94FE
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Xv5zx3oly7UiXn7p-QT6ehIiMH-wI_wU
35 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Xv5zx3oly7UiXn7p-QT6ehIiMH-wI_wU
Protocol
H2
Server
3.141.120.20 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-120-20.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:43 GMT
x-bt-requestid
9c6ede20-8a12-11ee-aea0-0000ac17027e
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Xv5zx3oly7UiXn7p-QT6ehIiMH-wI_wU
date
Thu, 23 Nov 2023 15:11:42 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1235823
content-length
0
loaduser
traid.jixie.io/api/ 		2 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/api/loaduser?accountid=GM180iIHc4
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.nnb.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.129.34.52 Jakarta, Indonesia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; include Subdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:43 GMT
content-security-policy
default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; include Subdomains; preload
content-encoding
gzip
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Origin, Accept-Encoding
x-frame-options
Deny
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
access-control-allow-credentials
true
x-xss-protection
1
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-B4FW0S5GFB&gtm=45je3b81v886113301&_p=1700752297531&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1264207553.1700752298&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1700752297&sct=1&seg=0&dl=https%3A%2F%2Fwww.gmanetwork.com%2F&dt=GMA%20Network%20%7C%20News%20and%20Entertainment&_s=2&tfd=7823
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4FW0S5GFB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 8805 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=y7are3C1fFocUGtTPQtSQsLELpWJYnEHOhiB4O2hRiVj5wHc1sZ8xhgpn4IYvKGC9wb8DNboBTFoQhrHCRomKP38kZh7jxyg8QlzUOFF76QJ3gqXto1JMoIVBnzGZ176aUZ8z4bJdmxZgpBrGiIQmxqKkwdXKYSz-j-mn0UmNEoykCgXzmim8lMO0byrFEjCVaxeDEyLp_stYXlbBdUhkFzy5OBhNDiluWzaf54Si6LfnYXDuOqQl824TEU&sds=2&rev=89278&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CSjCvTxYxxVVrYmVuEXo%2BaZ4nvosARr3xN0lMWRUbgvM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKoDezkG_gqDdobAszjqZyB6TJ5um0-T_NzILKy_H19xk56290g0et-aNUWWi1001QP2DbcHx13CV5SzTvXB70MtC8x70eaXXB_Q70a-ihYkYnVy5NZv9uK6fMOnC62W7jrDDLCzRxJ7zyOzSCAKHh9Px4VZOxi8Lf1H9bflHarUWmuCSjF94WKX9mEuCo82pzWYJf6ZiwmqTcurc7uS3MAB1DCzE5KUJAfbTRMTRQ1UG_aA7rKJrWoGSdAAPg8ikmyhpr_Fk47xaRdv_FRz9uiP-QLZaCQudfBA-THa7qU1aSG3vRS5uN3OLifVHXQzCa7S6jnCvM7ZCYEAO1dPi9JbiSZ1g4CF6BPlfp793pv2sOFA3UsYCG528p9tGQWdi8cSZLZFNlmw8WmiLaR97yUv3JE95T4dpXESEjJUCc6SAxEIQYkMOKEseQUuu7HfWJbuqBwJ6nF-cbSt53xNsFPdaGmH5n33YvSalFek9iN4My-DPCGEM4mEGyjh-2PqVPHa4xyetc3ynvp9hmWrylWgK8X3vgzreZkuUdJrtxJrrhvzGVhw9g3v5cnzV-EYNXJZ_Koq5gW9uPkMVFw9xsESQguKnmcklyz3SfRJK5HmR8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 15:11:42 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame FA9C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwcD0gs0tbuK_RGu7E8LeJMUQNKizNGidpTpI_DTKJfDmXvUkTqhZOw_oXInppbVH4uKzEy8aNhjJgCXdzVqfzLeTEnXQ7_mpaOmC91vfR8trkCytpWLIi71X5XUFfwL0DfgjEknVl1A&sig=Cg0ArKJSzIxD0DDQg9rKEAE&id=lidar2&mcvt=1001&p=68,436,158,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=2355608864&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700752302465&rpt=241&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pebed.dm-event.net/ Frame 9F29 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_vendor.3ce7557f0c4e78d46b63.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept
application/json, text/plain, */*
Referer
https://geo.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Thu, 23 Nov 2023 15:11:43 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
jx-load-cookie.html
scripts.jixie.media/ Frame 820C 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://scripts.jixie.media/jx-load-cookie.html?accountid=${accountId}
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/onescript/GM180iIHc4/jx-GM29180G0dns.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.91.74.174 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
3b5968101e04a0ca713a6789543d6c4b61cb81aa7c4134f22ef2682ae6249204

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-max-age
86400
age
20503906
content-encoding
gzip
content-type
text/html
date
Thu, 23 Nov 2023 15:11:44 GMT
etag
W/"9e5d62e65d2e8329f814e39ef01c0d2e"
last-modified
Fri, 24 Mar 2023 01:10:22 GMT
nginx-hit
1
server
openresty
via
LA-MEX-queretaro-EDGE1-CACHE3[2],LA-MEX-queretaro-EDGE1-CACHE3[0,TCP_HIT,0],LA-MEX-mexicocity-GLOBAL1-CACHE24[252],LA-MEX-mexicocity-GLOBAL1-CACHE22[250,TCP_MISS,251],EA-SGP-GLOBAL1-CACHE15[1],EA-SGP-GLOBAL1-CACHE10[0,TCP_HIT,0]
x-amz-id-2
VyFn4b2d6+KWBPQz7USi5R3QeIjGF4UZ7LzgVHS1rZfbUaaaqITM33rFTwWXZ7Bw2NsJm7yU+rw=
x-amz-request-id
2A1GNRMHM8B4ZVQF
x-amz-server-side-encryption
AES256
x-amz-version-id
aN2iXujF9PZWLEhdoji4nn9NNDXaBwmd
x-ccdn-cachettl
2592000
x-ccdn-expires
232502
x-hcs-proxy-type
1
newid
traid.jixie.io/api/ 		52 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/api/newid?accountid=GM180iIHc4
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.nnb.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.129.34.52 Jakarta, Indonesia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
a22e6771030d9d1b2124aadc16f1c95381d0184a83f28e80c039dbb6ae8671d1
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; include Subdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:44 GMT
content-security-policy
default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; include Subdomains; preload
content-encoding
gzip
etag
9ce9b370-8a12-11ee-af36-d9ce645831f0
vary
Origin, Accept-Encoding
x-frame-options
Deny
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=31536000
access-control-allow-credentials
false
x-xss-protection
1
jx-load-cookie.html
partnerrsc.jixie.io/pbs/ Frame 820C 		0
0
/
id.a-mx.com/sync/ 		66 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync/?tagId=&ref=null&u=https://www.gmanetwork.com/&tl=https://www.gmanetwork.com/&nf=0&rt=true&v=7.54.5&av=2.0&vg=rtbpbjs&us_privacy=null&am=null&gdpr=0&gdpr_consent=
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
131.153.158.209 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU, US),
Reverse DNS
Software
/
Resource Hash
007125ab8f1d8fef6f56739395dd67235d77b9e01dedda951ac6109c8add3048

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Thu, 23 Nov 2023 15:11:43 GMT
access-control-allow-credentials
true
content-length
66
content-type
application/json
prebid
id5-sync.com/api/config/ 		135 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
f759cefc88a2c554f946a01dfe2df9521c5c213a63495dd0d2978adf78f171a8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Thu, 23 Nov 2023 15:11:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		63 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
cfc5aae5065f222992294eef20dcf01fefcda452259ae480d4606a69cd6089fc

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 15:11:44 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gmanetwork.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 23 Dec 2023 15:11:44 GMT
sync.html
cdn.aralego.net/ucfad/cookie/ Frame 3F8C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
5495
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
82aa58ad6ead4d2e-FRA
content-encoding
br
content-type
text/html
date
Thu, 23 Nov 2023 15:11:44 GMT
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFQf%2FUu8ywWqLI3hjAzCgYPIIB7V2iWBgny6s5ztZWYA%2B45HC0WhLhjBw3lmEqNaYTDH%2FGtseNqn6SMw0vP9qNdOV7BD2Iw1u2D5ksQYBw%2BIm1YVBcZhIp1Ezrp6sxz7VyuDnNRfKQm87nCT3A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 1336 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.156.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-156-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3f444974beda618ad11ab53facf70433e3cc234e8b7c6b6c01e60a6971a98f18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8052
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 15:11:44 GMT
expires
Sat, 25 Nov 2023 15:11:44 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame D13A 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 15:11:44 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 21C5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1700752298617
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
beacon
ap.lijit.com/ Frame 7079 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13413210
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Thu, 23 Nov 2023 15:11:44 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap1ams1
sync-all.html
adxbid.info/ Frame F63E 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82aa58ad7d581ca1-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 15:11:44 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTCAXTrRIBZxd9gj2ZPM1S54ErPzLI%2Fwj4NzqnmV0nNcJEv5ha3MCSq%2BOx%2FAxnij1WsON0qrwilXhM3pRiwZhzJAZPwaw%2BtDWnrBDnMk7oTkvJYHHAWZMhrDQX6M4GgIykCaqQllP5%2FF3g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
sync
x.bidswitch.net/ 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=themediagrid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.92.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-92-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
6338a209a07530e60e6d60e4fd0d2fc62078b98c8b8953dd97c3cc60703791ad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Thu, 23 Nov 2023 15:11:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
984.json
id5-sync.com/g/v2/ 		251 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/984.json
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
fc2c3fe71c43a0bc57f6b3fe05b1eea81da13926cf65dc252b65d76e44d8cb7e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Thu, 23 Nov 2023 15:11:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame D13A 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
110cc45a86a31a5f20d26a85ac76a5fe104679a252808455075fa55390f63993

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 15:11:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 21:12:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=21662
Connection
keep-alive
Content-Length
13229
Expires
Thu, 23 Nov 2023 21:12:46 GMT
khaos.json
token.rubiconproject.com/ Frame D13A 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
idsync
sync.aralego.com/ Frame 3F8C
Redirect Chain
  • https://sync.aralego.com/idsync?
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/dedbe993-e634-3146-9279-7e7d813fb7ae?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-0RtpC11E2oU4RvnBPB.RAwGw8fFn0RTjIfArUbs-~A&redirect=
35 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-0RtpC11E2oU4RvnBPB.RAwGw8fFn0RTjIfArUbs-~A&redirect=
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol
HTTP/1.1
Server
192.96.203.13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 15:11:44 GMT
Connection
close
Content-Length
35
Content-Type
image/gif

Redirect headers

date
Thu, 23 Nov 2023 15:11:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-0RtpC11E2oU4RvnBPB.RAwGw8fFn0RTjIfArUbs-~A&redirect=
content-length
0
getuid
eb2.3lift.com/ Frame F63E 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
setuid
user-sync.adxpremium.services/ Frame F63E
Redirect Chain
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=726f720961fad54b8b85202f122aeaab9bd9b25e72901b939894d18e01d11f8d
86 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=726f720961fad54b8b85202f122aeaab9bd9b25e72901b939894d18e01d11f8d
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
209.192.201.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:45 GMT
content-length
86
content-type
image/png

Redirect headers

Location
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=726f720961fad54b8b85202f122aeaab9bd9b25e72901b939894d18e01d11f8d
Pragma
no-cache
Date
Thu, 23 Nov 2023 15:11:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
rid
match.adsrvr.org/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=xuz42kb&fmt=json
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.gmanetwork.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
access-control-allow-origin
https://www.gmanetwork.com
content-length
26
date
Thu, 23 Nov 2023 15:11:44 GMT
server
Kestrel
vary
Origin
rid
match.adsrvr.org/track/ 		63 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=xuz42kb&fmt=json
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.nnb.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
cfc5aae5065f222992294eef20dcf01fefcda452259ae480d4606a69cd6089fc

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 15:11:44 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gmanetwork.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 23 Dec 2023 15:11:44 GMT
log
c21lg-d.media.net/ Frame 1336 		35 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=3437539025428380000V10&origin=1&flt=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.156.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-156-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 23 Nov 2023 15:11:44 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 23 Nov 2023 15:11:44 GMT
content-length
35
content-type
image/gif
prod
traid.jixie.io/sync/ 		144 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/sync/prod
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.nnb.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.129.34.52 Jakarta, Indonesia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
05a820c0353ecfb7fd9d57839b74074b9609ab39be803c2021309a063b7f377f
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; include Subdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 15:11:44 GMT
content-security-policy
default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; include Subdomains; preload
content-encoding
gzip
etag
9ce9b370-8a12-11ee-af36-d9ce645831f0
vary
Origin, Accept-Encoding
x-frame-options
Deny
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
private
access-control-allow-credentials
true
x-xss-protection
1
prod
traid.jixie.io/sync/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/sync/prod
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.129.34.52 Jakarta, Indonesia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.gmanetwork.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.gmanetwork.com
date
Thu, 23 Nov 2023 15:11:44 GMT
vary
Origin, Access-Control-Request-Headers
sync
vid.vidoomy.com/ Frame 8EF0 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 -, , ASN (),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Thu, 23 Nov 2023 15:11:45 GMT
etag
W/"64abbb76-c2af"
last-modified
Mon, 10 Jul 2023 08:04:06 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-age
327868
x-77-cache
HIT
x-77-nzt
EQwBnJIhiwH3vAAFAA
x-77-nzt-ray
cf8787274889985bb16b5f65d8f58519
x-77-pop
frankfurtDE
x-accel-date
1700424437
x-accel-expires
@1701461237
x-age-lb
327868
x-cache-lb
HIT
setuid
user-sync.adxpremium.services/ Frame F63E
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZV9rrGIUNkZJLd0s5LYUhQAA%265156
86 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZV9rrGIUNkZJLd0s5LYUhQAA%265156
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
209.192.201.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:45 GMT
content-length
86
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:11:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kv7zLXYX3WCijuVDAsp44kBc1e1f6WWnQbK465a1lMhDNMYZ%2BWmyU4%2FLZeTUB8dumFouF8wEUgsTTXKNfTxAUCvIJQO0rcCY%2Bre3SIj50JOJIQ2BmavG%2FWOHo98kQfKSYl%2F2kz1c"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZV9rrGIUNkZJLd0s5LYUhQAA%265156
cache-control
no-cache
cf-ray
82aa58b52ad492ab-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
urlsvid.json
vpaid.vidoomy.com/sync/ Frame 8EF0 		1 KB
861 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 -, , ASN (),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 23 Nov 2023 15:11:45 GMT
content-encoding
gzip
x-age-lb
371194
x-77-cache
HIT
x-accel-date
1700381111
x-77-nzt
EQwBnJIhiAH3+qkFAA
x-accel-expires
@1701417911
x-77-age
371194
x-cache-lb
HIT
last-modified
Mon, 10 Jul 2023 08:02:46 GMT
server
CDN77-Turbo
etag
W/"64abbb26-479"
x-77-nzt-ray
f6587a1de0d942c2b16b5f65f1243922
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://vid.vidoomy.com
access-control-allow-credentials
true
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1786 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101132
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 15:11:45 GMT
expires
Fri, 24 Nov 2023 19:17:17 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 1786 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=61779468&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:44 GMT
content-length
0
pixel
ap.lijit.com/ Frame F63E 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Nov 2023 15:11:45 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync.php
pixel.rubiconproject.com/exchange/ Frame F63E 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookie
cm.adform.net/ Frame F63E 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:11:45 GMT
server
nginx
content-length
43
content-type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
partnerrsc.jixie.io
URL
https://partnerrsc.jixie.io/pbs/jx-load-cookie.html?accountid=${accountId}

Verdicts & Comments Add Verdict or Comment

822 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| documentPictureInPicture function| $ function| jQuery string| domain_name string| base_url string| BASE_URL string| assets_url string| js_url string| css_url string| data_url string| ent_data string| s3_media string| s3_quote string| s3_image string| is_live string| ent_s3_media number| DFP_CODE string| DEFAULT_PLACEHOLDER string| GOOGLE_ANALYTICS string| GOOGLE_ANALYTICS_ENT string| GA4_ID_ENT string| ENVIRONMENT string| ENT_DATA_URL string| SITE_NAME string| SITE_SEGMENT_1 string| SITE_SEGMENT_2 string| SITE_SEGMENT_6 string| GLOBAL_MOAT_YIELD_INTEL_PATNER_CODE object| ROBOTS_DATA function| moatHeader undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| googletag object| MoatNadoAllJsonpRequest_28032288 object| Moat#PML#26#1.2 boolean| Moat#EVA function| __moatSlotTagLoadedgmanmigamheader860109928859 object| moatPrebidApi function| moatYieldIntellignce object| MoatYieldIntelligence boolean| gptRan function| loadGPT function| jxHBLoadedCb object| gs_channels function| removeWwwAndHttpsFromUrl string| url string| domain_url object| _sf_async_config object| ga_params function| gtag object| dataLayer function| preventDefault function| preventDefaultForScrollKeys function| disableScroll function| enableScroll object| EntConfig string| MEMES_DATA_URL object| EntWidgetMapping object| EntListings object| EntListings_v2 object| MiscEntConfigs object| WidgetSettings object| EntUtility string| NoResultFoundText string| NoResultFoundImage function| FilterSearchResultTitle object| isMobileBrowser object| obsrvPattern object| keys function| recaptchaCallback undefined| CUSTOM_ANALYTIC object| EntLazyLoad object| Headline object| Feature number| loaded_stories number| counter number| start string| temp_img object| Latest object| Property object| ADS object| Fab object| DailymotionWidget number| widgetId1 undefined| widgetId2 number| widgetId3 object| PortalController function| CaptchaCallback object| jQuery112005124364806862733 object| CUSTOM_ANALYTICS object| Url_helper function| InvalidInputHelper object| EntAnalytics_v1 object| current_urls object| current_segment_URL string| urlString object| EntAnalytics object| CookieNotification string| BASE_DOMAIN object| PortalHeader function| Cookies object| EntFooter object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client boolean| loadHomeFull number| currentCtr object| Interstitial object| DFP_SLOTS object| DFP object| footer_leaderboard_size object| gptAdSlots number| adsNum object| adsTypeCounter function| loadAdDivId function| loadAd object| google_tag_manager object| google_tag_data object| _qevents string| content_type_id object| propertyData object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY number| time_interval number| geopercent number| geoedge number| min_view_andbeyond number| min_view number| timebased_refresh_andbeyond number| hijackabm number| unfilledabm object| andbeyondnewarray number| residual number| residual2 number| refresh_andbeyond number| number number| refresh number| iframes string| machine_rules object| label_adapter_video object| label_adapter_display object| config_rtb object| adapter_rtb_new string| home_country object| adunit_network function| getQueryString_val_new function| getQueryString_val_new22 string| sitemainurlandbyeond undefined| andbeyondhttp object| myElementrtbtracker object| observ object| slot_vis object| start_time object| total_vis string| country_rtb1 string| city_rtb string| city_ip string| city_region string| Countrytimezone number| timedate1 number| andstatus300 number| andstatus3001 number| prebid_active number| newtestunitcount number| adlooksstatus number| adlooksstatus1 number| adloox_fraud number| andbeyondadult number| newunitcallback string| timezonename number| width number| height number| size3001status number| size3002status number| size3003status number| size3004status number| size3005status number| size3006status number| size3007status number| size3008status number| size3009status number| size30010status number| size6001status number| size6002status number| size6003status number| size6004status number| size6005status number| size1601status number| size1602status number| size1603status number| size1604status number| size1201status number| size1202status number| size1203status number| size1204status number| size7281status number| size7282status number| size7283status number| size7284status number| size7285status number| size4681status number| size4682status number| size4683status number| size4684status number| size4685status number| size9701status number| size9702status number| size9703status number| size9702501status number| size9702502status number| size9702503status number| size3201status number| size3202status number| size3203status number| size3204status number| size3205status number| size1001status number| size1002status number| size1003status number| size1004status number| size1005status object| label_adapter number| tier2 number| tier3 number| globalandbeyond number| factor_internal number| timebased number| timebased_refresh number| timer_refresh number| factor_visible number| factor_tier1 number| factor_tier2 string| factor_tier1_text string| factor_tier2_text string| no_refresh boolean| detectPartial number| highcpm number| highcpm1 number| windowwandtest number| strategy number| myVar number| randomval1 number| network1 number| network2 number| percent1 number| namemc number| windowwidth2 number| PREBID_TIMEOUT_NEW number| floor number| ref object| rtbpbjs object| activeadunit object| divandbeyond number| andbeyondtotalSeconds number| andbeyondtotalSeconds1 undefined| andbeyondtimestop boolean| idleStates object| idleTimers object| a9slots object| andbeyondpv object| and_geo_block string| url1 string| country function| adloox_pubint_timeout object| debug undefined| adunitmock undefined| adUnitsfirst undefined| adUnitsvideo number| globalinterval3 number| localandbeyond number| andbeyondrefresh number| passandbeyondrefresh number| windowwidth number| global_refresh number| newid number| flag2 number| refresh_time1 number| refresh_time number| refresh_time2 number| hijackinterval3 function| bidder_restrict function| callnative function| encodenativeurl function| callvideo function| calcTime function| isInteger function| myTimer function| isVisible function| bidadjust1 function| andbeyonddisps function| addListenerMulti function| refreshBid1rtb function| refreshBid2 function| blackbox object| aff_var number| floorlogic object| bidder_allowed_native object| bidder_allowed_video object| debugtest object| hijacktest object| apstag object| adloox_pubint object| ignore number| current_time number| refreshval number| number5 string| GoogleAnalyticsObject function| ga object| $highlight_widget object| $latest object| $properties function| quantserve function| __qc object| ezt object| _qoptions object| webpackChunk_dmvs_apac_dm_custom_embed_v2 function| dmceRender object| dmce object| recaptcha object| closure_lm_676966 object| _cbm object| _aps boolean| apstagLOADED object| apscustom function| onYouTubeIframeAPIReady object| gaplugins object| gaGlobal object| gaData object| lotame_sync_16576 function| ha object| _dmpesplayer function| _dmDynamicImportPolyfill object| dailymotion object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing undefined| moatYieldReady number| google_unique_id function| lotameIsCompatible function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| hadron boolean| __halo_loaded__ object| regeneratorRuntime object| ID5 object| __id5_instances object| ad_sizes object| pbjs object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo object| Criteo_identitytag_144 object| __uid2SecureSignalProvider object| __uid2 object| ox_esp function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 number| iframe1 string| iframeid string| size number| flag string| temp number| size300 number| size250 number| size600 number| size728 number| size160 number| size120 number| size970 number| size90 number| size320 number| size50 number| size336 number| size280 number| size100 number| sizehp11 number| sizehp12 number| sizehp13 number| sizehp18 number| sizehp14 number| sizehp15 number| sizehp16 number| sizehp17 number| sizehp19 number| sizehp22 number| sizehp21 number| sizehp1200 number| sizehp20 number| sizehp7 number| hijack string| h2 object| json object| test string| d1 string| a1 string| c1 string| v1 string| s1 string| h1 string| si1 number| d string| timezone number| current_hour2 number| nextactive string| adunit3 string| adunit2 number| pos number| len string| pos123 number| countdivdesktopleaderboard1 number| tempval number| strategy2 number| success number| flag4 number| status970new number| statusdivdesktopleaderboard1new number| stat string| id2 string| andbeyonddivdivdesktopleaderboard1 number| andbeyondwidthdivdesktopleaderboard1 number| andbeyondheightdivdesktopleaderboard1 number| countandbeyond9701 number| activedivdesktopleaderboard1 number| passivedivdesktopleaderboard1 number| time_refreshunitdivdesktopleaderboard1 number| nextnumberdivdesktopleaderboard1 number| counterefreshandbeyond9701 object| startdate number| mseconds number| crontime object| timerefreshand number| status_bad object| id1 string| aff string| pos1 string| text number| width1 number| height1 number| width2 object| andbeyond9701 number| strategy2andbeyond9701 number| strategy2widthandbeyond9701 number| strategy2heightandbeyond9701 number| strategy2typeandbeyond9701 number| strategy2counterandbeyond9701 string| adunit2andbeyond9701 string| zonename object| labelnew string| device object| restrict_bidder object| temp_ar object| temp_ar_new object| temp_ar_new1 string| keyname_new string| label_temp object| keyname_temp number| m string| temp_val number| tempnetwork object| temp_net number| videoa9flag object| au number| countdivdesktopfooter1 number| statusdivdesktopfooter1new string| andbeyonddivdivdesktopfooter1 number| andbeyondwidthdivdesktopfooter1 number| andbeyondheightdivdesktopfooter1 number| countandbeyond9702 number| activedivdesktopfooter1 number| passivedivdesktopfooter1 number| time_refreshunitdivdesktopfooter1 number| nextnumberdivdesktopfooter1 number| counterefreshandbeyond9702 object| endate object| andbeyond9702 number| strategy2andbeyond9702 number| strategy2widthandbeyond9702 number| strategy2heightandbeyond9702 number| strategy2typeandbeyond9702 number| strategy2counterandbeyond9702 string| adunit2andbeyond9702 number| countdivmrec2 number| status300new number| statusdivmrec2new string| andbeyonddivdivmrec2 number| andbeyondwidthdivmrec2 number| andbeyondheightdivmrec2 number| countandbeyond3001 number| activedivmrec2 number| passivedivmrec2 number| time_refreshunitdivmrec2 number| nextnumberdivmrec2 number| counterefreshandbeyond3001 object| andbeyond3001 number| strategy2andbeyond3001 number| strategy2widthandbeyond3001 number| strategy2heightandbeyond3001 number| strategy2typeandbeyond3001 number| strategy2counterandbeyond3001 string| adunit2andbeyond3001 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| rtbpbjsChunk object| _rtbpbjsGlobals object| ADAGIO object| invibes object| mnet object| PublisherCommonId string| mediaType number| timeflag string| idnew2 number| knew number| j number| newidflag string| vs3 number| nextpassive number| time_refreshunit number| nextnumber number| passivedivdfp1 number| activedivdfp1 number| time_refreshunitdivdfp1 number| nextnumberdivdfp1 number| newflag number| diff number| flagnewone number| passiveandbeyond9701 number| activeandbeyond9701 number| time_refreshunitandbeyond9701 number| nextnumberandbeyond9701 number| passivedivmrec1 number| activedivmrec1 number| time_refreshunitdivmrec1 number| nextnumberdivmrec1 number| passiveandbeyond3001 number| activeandbeyond3001 number| time_refreshunitandbeyond3001 number| nextnumberandbeyond3001 number| passiveandbeyond9702 number| activeandbeyond9702 number| time_refreshunitandbeyond9702 number| nextnumberandbeyond9702 object| sas object| apntag object| _ADAGIO object| _ object| gno_ad object| gnoAdsScriptCallbacks function| jxloadJS object| jxpbjsChunk object| jxpbjs object| _jxbidsq object| jixie_o string| idnew12 string| context object| videocode number| videounit string| contextvideounit object| jxtrkr object| jixie_p object| ONFOCUS object| GoogleGcLKhOms object| criteo_pubtag_prebid_136 object| Criteo_prebid_136 object| google_image_requests

70 Cookies

Domain/Path Name / Value
.gmanetwork.com/ Name: _cb
Value: B0u2deC31FDgD1AssA
.gmanetwork.com/ Name: _chartbeat2
Value: .1700752297650.1700752297650.1.cQ2PzC_HAwthdykBWs9LNCZx4sJ.1
.gmanetwork.com/ Name: _cb_svref
Value: null
.gmanetwork.com/ Name: _gid
Value: GA1.2.460939384.1700752298
.gmanetwork.com/ Name: _gat_gtag_UA_242242_18
Value: 1
.dailymotion.com/ Name: dmvk
Value: 655f6ba9bfa9e
.dailymotion.com/ Name: ts
Value: 387135
.dailymotion.com/ Name: v1st
Value: D0304F0A02FBDBF9C5AB5273DBE9567B
.gmanetwork.com/ Name: _ga
Value: GA1.1.1264207553.1700752298
.quantserve.com/ Name: mc
Value: 655f6ba9-c8c0b-30b54-faa7f
.gmanetwork.com/ Name: __qca
Value: P0-804627643-1700752297696
www.gmanetwork.com/ Name: AWSALB
Value: PPe18MNCfTo1o1uBUFSgQhPXKLa8ZZ1exdzJRruefyI5vlsnUAQWhSAk6d0YvsYqxGJfOuDeLh0FWF7mBD5Nx9dZ9WZhKf9361zQJWsOk75bA+jAh6BRmXQzKzWw
www.gmanetwork.com/ Name: AWSALBCORS
Value: PPe18MNCfTo1o1uBUFSgQhPXKLa8ZZ1exdzJRruefyI5vlsnUAQWhSAk6d0YvsYqxGJfOuDeLh0FWF7mBD5Nx9dZ9WZhKf9361zQJWsOk75bA+jAh6BRmXQzKzWw
.gmanetwork.com/ Name: lotame_domain_check
Value: gmanetwork.com
.criteo.com/ Name: uid
Value: 9fe593d4-625e-4f2e-8d28-3993389bda9e
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.openx.net/ Name: i
Value: 3dee50e5-cbe1-41c5-a348-54b49cdc884c|1700752298
.gmanetwork.com/ Name: __gads
Value: ID=a6b015e9e1a15ea8:T=1700752298:RT=1700752298:S=ALNI_Mai8vBK9srJ6gQro_as2vCV2uyTIw
.gmanetwork.com/ Name: __gpi
Value: UID=00000ce01c38806a:T=1700752298:RT=1700752298:S=ALNI_MaVPMhF6aL8bF4H78CRrvAI4zSlVA
www.gmanetwork.com/ Name: _rtbpbjs_userid_consent_data
Value: 3524755945110770
.gmanetwork.com/ Name: _sharedID
Value: 0eacd417-eadb-441c-968f-bb85b79ef499
www.gmanetwork.com/ Name: ucf_uid
Value: 3d8ef28e-1e3b-458f-9e3b-708abe36dcca
prebid.a-mo.net/ Name: _Amc_b
Value: 0
.adnxs.com/ Name: icu
Value: ChkI_quGARAKGAEgASgBMKrX_aoGOAFAAUgBEKrX_aoGGAA.
.adnxs.com/ Name: uuid2
Value: 1095307074585270627
.script.ac/ Name: __cf_bm
Value: XIAxxkQjg6lQNP0m4lR8mt.G8yJyX1uAJkEEMyf0pxc-1700752298-0-AYZb6kQsyGM+FxS0SvbyebkeiL6bnadKZhBYrLK3gH8uenen/A10wD9QVfezIsZDVka4VMszNhzNq0Tb7Lc6TCQ=
.doubleclick.net/ Name: IDE
Value: AHWqTUmQ_96crndEGfFXy5X34mtM2BP8_QiqS5RNV507vESew0vqi-YkM1oTMlGzfBU
.prebid.a-mo.net/ Name: __amc
Value: 2_1700752298_1700752298
.rubiconproject.com/ Name: khaos
Value: LPBC08HC-1T-F0U8
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qq+Tzl8HIoQXiAkF7RiBdb4AgvEG2sPPZqRoUZOq/XfJt8yNRnb7lUAMhTY4XO9ZU/lCEKA2wLvv/PzJ6cr+j5/UJeulnyjcPKXvnqSXrQ1MyKPLRELhl3x0A+VO7RH1E0=
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.dailymotion.com/ Name: usprivacy
Value: 1---
.betweendigital.com/ Name: tuuid
Value: aa60ebce-2591-5347-b188-f114d4d79abf
.betweendigital.com/ Name: ut
Value: ZV9rqwAEq1AqopGp6UE_QC_bkF5VBFo20it44A==
.ctnsnet.com/ Name: cid_d191fee5fde14cf78e5df147fca9ec5c
Value: 1
.ctnsnet.com/ Name: gid_CAESEBGDV1zK7AgNa9g5CdnmUEk
Value: 1
.csync.loopme.me/ Name: viewer_token
Value: 5e8c48e5-324c-47d3-8c10-88d899b34086
.doubleclick.net/ Name: APC
Value: AfxxVi5wyr3eQ_0w2FKdrOrkbNhHYWFfKGhSccAoes5dDHo2T6xrhQ
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZV9rqwABzASPBgBH
.simpli.fi/ Name: suid
Value: 9BF159EC8C7341D4B578945DD281E208
.quantserve.com/ Name: d
Value: EA0BCQG_KoEA
.yahoo.com/ Name: A3
Value: d=AQABBKxrX2UCEE0hXPcZYWRQZkv71qTPKuAFEgEBAQG9YGVpZQAAAAAA_eMAAA&S=AQAAAtPrmgPvju7OnmIS36TonrI
.casalemedia.com/ Name: CMID
Value: ZV9rrGIUNkZJLd0s5LYUhQAA
.casalemedia.com/ Name: CMPS
Value: 5156
.casalemedia.com/ Name: CMPRO
Value: 5156
.gmanetwork.com/ Name: cto_bundle
Value: 2c_9hV9XSFdLOUZLRUIzOGZuODJadm5PcWU2cWElMkZ0MmVSN0NzYUFjQUR6Q2Y5bVJvb085TFU2bVNIUUZnRU9xTHNOZ0FWazBtU0UwYmFoR3BPZlFwdGFmbEJaZXB0T0EwVmRLclkxRUxPJTJGQzZzWWFxa2NpTk5rJTJGNklyanNJeE9DZnRuUmhKMU1YSzlMY1FvZyUyQkpUTEp0dDM0dyUzRCUzRA
.gmanetwork.com/ Name: _ga_B4FW0S5GFB
Value: GS1.1.1700752297.1.0.1700752302.55.0.0
.adnxs.com/ Name: anj
Value: dTM7k!M4/QD>6NRF']wIg2E>3mA'G/!]tbh8i_iqf!oN/@E'zz<*Z0QmpNTRj7VZP_lC)9T+Qe9clU)->bq<.kHn!dTD4YQo5i@?nrTu!h+X!JgiABDIy)RMu?sn^j7s.[%tXW_1_^z=h0lf^IrS9w$v_wv$PSD)(Ed5b>w-/6!EzDV
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%229c176f50-8a12-11ee-aad2-1f2269987790%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%229c176f50-8a12-11ee-aad2-1f2269987790%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%229c176f50-8a12-11ee-aad2-1f2269987790%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%229c176f50-8a12-11ee-aad2-1f2269987790%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-EBFF78yNEPrsLnsI-fhaS2wBwXtzrYLj14y5kg%22%2C%22version%22%3A%22criteo%22%7D
.omnitagjs.com/ Name: ayl_visitor
Value: 8d13f935e1dea5db1ab518f571b265ad
.demdex.net/ Name: demdex
Value: 41994312156325016370000118001925889124
.dpm.demdex.net/ Name: dpm
Value: 41994312156325016370000118001925889124
.krxd.net/ Name: _kuid_
Value: P7upNbmA
.postrelease.com/ Name: opt_out
Value: 1
.tremorhub.com/ Name: tvid
Value: ba6b1bfff78a4c4ab5a74c399eac8308
.tremorhub.com/ Name: tv_UICR
Value: k-EPq91cyNEPrsLnsI-fhaS2wBwXvihI_dsSzYbA
www.gmanetwork.com/ Name: _jxx
Value: 9ce9b370-8a12-11ee-af36-d9ce645831f0
.gmanetwork.com/ Name: _jxx
Value: 9ce9b370-8a12-11ee-af36-d9ce645831f0
www.gmanetwork.com/ Name: _jx
Value: 9ce9b370-8a12-11ee-af36-d9ce645831f0
.gmanetwork.com/ Name: _jx
Value: 9ce9b370-8a12-11ee-af36-d9ce645831f0
www.gmanetwork.com/ Name: _jxxs
Value: 1700752000-9ce9b370-8a12-11ee-af36-d9ce645831f0~1700752304
.gmanetwork.com/ Name: _jxxs
Value: 1700752000-9ce9b370-8a12-11ee-af36-d9ce645831f0~1700752304
www.gmanetwork.com/ Name: _jxs
Value: 1700752000-9ce9b370-8a12-11ee-af36-d9ce645831f0~1700752304
.gmanetwork.com/ Name: _jxs
Value: 1700752000-9ce9b370-8a12-11ee-af36-d9ce645831f0~1700752304

5 Console Messages

Source Level URL
Text
javascript warning URL: https://www.gmanetwork.com/(Line 93)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://z.moatads.com/gmanmigamheader860109928859/moatheader.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.gmanetwork.com/(Line 93)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://z.moatads.com/gmanmigamheader860109928859/moatheader.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://geo.dailymotion.com/libs/player/x3d09.js(Line 57)
Message:
Allow attribute will take precedence over 'allowfullscreen'.
javascript warning URL: https://geo.dailymotion.com/player/x3d09.html?video=x8puf01&customConfig[customParams]=dm_position%3Dmainrecowidget&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Message:
The resource https://imasdk.googleapis.com/js/sdkloader/ima3.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
other warning URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js(Line 3)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5586c6367ca4859af24dcbc5f79a13b1.safeframe.googlesyndication.com
a.ad.gt
a.teads.tv
aax.amazon-adsystem.com
ad.360yield.com
ad.doubleclick.net
ad.yieldlab.net
ads.betweendigital.com
ads.eu.criteo.com
ads.pubmatic.com
adxbid.info
ap.lijit.com
aphrodite.gmanetwork.com
api.dailymotion.com
as.ck-ie.com
bcp.crwdcntrl.net
beacon.krxd.net
bid.g.doubleclick.net
bidder.criteo.com
c.amazon-adsystem.com
c21lg-d.media.net
cadmus.script.ac
cat.nl3.eu.criteo.com
cdn.ampproject.org
cdn.aralego.net
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
csi.gstatic.com
csm.eu.criteo.net
csync.loopme.me
data00.adlooxtracking.com
dclk-match.dotomi.com
dis.criteo.com
dmxleo.dailymotion.com
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
exchange.mediavine.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
gcm.ctnsnet.com
geo.dailymotion.com
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
gma.gscontxt.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb.aralego.com
i.clean.gg
ib.adnxs.com
id.a-mx.com
id.hadron.ad.gt
id5-sync.com
image6.pubmatic.com
images.gmanetwork.com
images.gmanews.tv
imasdk.googleapis.com
j.adlooxtracking.com
jadserve.postrelease.com
lb.eu-1-id5-sync.com
mab.chartbeat.com
match.360yield.com
match.adsrvr.org
match.sharethrough.com
matching.ivitrack.com
mb.moatads.com
mp.4dex.io
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.adlooxtracking.com
pagead2.googlesyndication.com
partnerrsc.jixie.io
pebed.dm-event.net
ping.chartbeat.net
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.andbeyond.media
prebid.media.net
r.casalemedia.com
r3---sn-4g5lznez.c.2mdn.net
r5---sn-4g5lznez.c.2mdn.net
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb.adpone.com
rtb.adxpremium.services
rtb.openx.net
rtbcdn.andbeyond.media
rtbdemand.apiip.net
rtbpass.andbeyond.media
rules.quantcount.com
s.thebrighttag.com
s0.2mdn.net
s1.dmcdn.net
s2.dmcdn.net
script.4dex.io
scripts.jixie.media
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
speedtest.dailymotion.com
ssbsync.smartadserver.com
ssum.casalemedia.com
static.chartbeat.com
static.criteo.net
static1.dmcdn.net
statics.dmcdn.net
stats.g.doubleclick.net
svastx.moatads.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.aralego.com
sync.outbrain.com
sync.teads.tv
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
traid.jixie.io
trends.revcontent.com
um.simpli.fi
ups.analytics.yahoo.com
user-sync.adxpremium.services
vendorlist.dmcdn.net
vid.vidoomy.com
visitor.omnitagjs.com
vpaid.vidoomy.com
widget.nl3.eu.criteo.com
wrappers.geoedge.be
www.dailymotion.com
www.gmanetwork.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z.moatads.com
partnerrsc.jixie.io
104.18.36.155
129.213.64.139
13.248.245.213
13.32.22.213
130.162.160.243
131.153.158.209
141.226.228.48
141.95.98.65
142.250.186.166
142.250.186.98
147.75.84.158
151.101.194.49
151.101.67.52
162.19.138.117
162.210.196.208
176.34.182.11
178.250.1.6
178.250.1.9
178.79.242.16
18.196.51.148
18.245.60.48
18.245.86.36
18.66.138.185
184.30.211.26
185.106.140.18
185.239.172.170
185.83.69.58
185.86.138.146
188.65.124.59
188.65.124.66
188.65.124.90
188.65.124.91
192.96.203.13
195.8.215.137
198.47.127.19
198.47.127.205
199.91.74.174
2001:4860:4802:32::3
2001:4860:4802:32::36
209.192.201.180
216.52.2.91
23.218.209.56
23.218.210.30
23.35.236.201
23.35.237.151
23.35.237.56
23.35.237.75
23.36.156.23
23.48.23.23
23.48.23.49
2600:1f18:612b:4264:daa9:3300:1f77:ca7c
2600:9000:223c:1a00:6:44e3:f8c0:93a1
2600:9000:223c:c00:c:3460:340:93a1
2600:9000:223e:7c00:d:a120:a940:93a1
2600:9000:223e:fa00:d:a120:a940:93a1
2600:9000:2250:1a00:a:e047:753:a221
2600:9000:236e:200:2:d490:4d80:93a1
2600:9000:2646:cc00:18:1fcd:353:c61
2602:803:c003:200::43
2606:4700:10::6816:3456
2606:4700:10::6816:34ad
2606:4700:10::6816:4092
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:20::681a:467
2606:4700:20::681a:8a9
2606:4700:20::ac43:49e4
2606:4700:4400::6812:22b2
2606:4700::6810:5514
2606:4700::6811:180e
2606:4700::6812:1791
2606:4700:e4::ac40:a60b
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:11::8
2a00:1450:4001:11::a
2a00:1450:4001:800::200a
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:806::200e
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2004
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2001
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2001
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:400c:c06::9a
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:6ea0:c700::17
2a02:6ea0:c700::18
2a02:fa8:8806:12::1400
2a04:4e42::714
2a05:d018:d29:3605:e656:41e3:3e80:bff1
2a06:98c1:3121::3
2a0c:5c87:5239::2
3.1.39.24
3.126.74.214
3.141.120.20
3.71.149.231
34.102.146.192
34.107.231.31
34.117.157.22
34.120.135.53
34.120.63.153
34.247.98.157
34.95.69.49
35.186.193.173
35.194.66.159
35.214.224.130
35.227.252.103
35.241.31.249
35.244.159.8
37.157.3.20
37.252.171.53
43.129.34.52
51.89.9.252
52.207.175.30
52.211.88.8
52.223.40.198
52.50.106.246
52.58.92.77
54.155.236.110
54.194.96.15
54.195.247.153
54.93.209.232
63.35.59.59
64.202.112.255
65.9.66.97
69.173.144.138
69.173.144.139
74.125.133.156
8.2.110.113
81.17.55.171
96.46.186.57
99.86.4.71
007125ab8f1d8fef6f56739395dd67235d77b9e01dedda951ac6109c8add3048
02478408a239ca6bc39381cf0fd8931b0ccbe63507acda5fbaaac4d4125de04f
041e8c6602095e4f4dbe24c0788a7fe211cfa6b9b515dfa35eef1e00b5bdb875
05a820c0353ecfb7fd9d57839b74074b9609ab39be803c2021309a063b7f377f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a1640f41c6d768a670e8ff4cb9b0189b8e0267d2d96b76906db53cd358cd0a5
0a6c1e142e117d18911b8d227abe733249ec72783a0941e6e56bf79fbc9aa35d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca9456ebb7700467fdf8b4ff8b9ac1794793060a018886a0409e0aae2eebfed
0e400b34d33ae7b052a9c9f5cbc3eb81cb5e725ae8a9b8db2c7f3bc7b623f3e3
0ee83423c0a378adb7519826e6d567c2f3200312cba4e76191b5b259ad3d0844
10906b8c7ee290918a54bb5510854a38d276b9419e7f91d3781b7af6aeeaebfb
110cc45a86a31a5f20d26a85ac76a5fe104679a252808455075fa55390f63993
115e7d79f79792d43cf85101fd2bb78e7c72890db5d5af08f909a780a9ed0b3e
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
12db6710704be359f07f6c1e2bcb3955a3fd0ed332d59586cb0c38c6858c7312
1378e86ced6c37842e92afb9989ae0142b2f0b31c6978c8d5fd0193a28a4cb0d
141b8f57348911d9378499b7fd7485924578cf14794bd127bd93d814e8d34069
144eca176c160376faa7cf44f629e5d837adf52dc98e9ad1d52ce9e01918d200
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17b442401ad3cb8ed66991683d396ae112344e15d057aa002c5f1f495b1f5d76
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
190bc3cfebd6701eacafa266419c022ed41c44929feba6fe1b6e28797cf41244
1d6c9c33b0b8ba1499f96e39bfb68ed6b2885dfacdae7e8bc043124da0122748
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f5c424742815736049a0dc812c6d96a9fa9d9e503f69a41e6548ba221712610
1f7b3b3dac487e1556ad842acb496488eaa4404a74c22ff135ddb5dfaa15ee81
20abfed70acb0c65c3f04d9a2d275de749f47e83e12e4555d241560e7059e4fb
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
22a1257891d7523261ed7426751d43a5dfeb83e2211aed3b71f085b5a45149ed
22cac75cf95f12d31b33168d11efa9931af175db7a994a7af469f8dfb83c7f71
23a3d4c274bac3901c9e42ef1e11f2ac3c757db85f4208c52adbd3c8fe65e802
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86
2748099cb681bebb45d0fbc0ca7fa870fb8b830f41398af7fb7b9133387f80cb
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2be0b4a2461891c0fa8e893d06be2d1ee05cf40e27fb50003875b54a2de4ac4f
2cb0fe4fabfbfa6e430ac7e58f817bcf765e196d05a9e5e14360b8ec948a0621
2cc5dd9cf420eefb86d6bf881ddd2b8f77f83975405911050f7b0ca081dc41d1
2d7e04f93797dca868560733bfe7342aabd013ae8bba52073a35bc5fd99e830b
2e61dccde5f5de2d9af96bca8926a2ea276063a1055fccef41f17137920daefb
2f2ea80a183d9b09c9ebd006b2f77b7559344493bd0e98def0e20c2f28a7ff72
30371f414f5854dda8a468b66607dffb2bb98b3effb8d665e987b98bafe2648a
3092c5c539e2a234b373fb36f52d9603ed661ed03624ae899bfbccd6948f707a
313d7bad01577d169a368d471264cd2228b145a183fba42679f41e1d2b2a9f27
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
321460fc9c30854363bc21dee928ac165b36e0f465f50c888f5c576c696c15b3
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32b6537fed624b948450256ad8523fc68f38591f175a5fdb916376e8d294866d
33342f4dc05d8d78b73a556268c204b766a15f85e04324801c6cb418bf9e2a75
3349196225a9f9ab7479b3c69e1a88774c6a9e536e325a27307d92c322248797
3446423db0881ff4ca5f0719c3841fb4c0d1c4dfc266ad9e52e6e11bd2ee54f9
356c81aca8049b789bc67499fc284bc7eea006e989fbb7351cdb812f1a24971e
36024d3bf555aee369a2f13d45543654b0c0bd75e556bfb8267da71b2d3eedf5
3632ce654783468fa2b5e1087f14b1b07ed4be55e2ba0a6e777926585fbb8522
36ae90dd673a100b1fc1baede232d2d217535bcc36bb5c53a21f90ee8c17cb87
378d1668b3f15aeed82f6b1ccf730361134e41f8902dac2d97d66a93cedd9af9
386a6e0636ad12f8ff59d2b98a862a1bcb1bc85e1b44cd0ec89679d19ee8eede
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3ad320c0d8a23bc10fc0476ff56522374e4accdd588f4e34234bcc54c5a098f1
3b2be61a83e01c43ccf834973e765254111cb35051088b45c3ae9080db7cf44a
3b4973355c796a000684013979c175e9e88f3412a3b9827207feac90a7fddcac
3b5968101e04a0ca713a6789543d6c4b61cb81aa7c4134f22ef2682ae6249204
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3e9c07b64929788c254b08a05911877196ddadae343015f18840f9253d8001a0
3f0f2e900aa679451647aa7e0928d9c9f4d874e932ee7a12bf8774bfd2013d6e
3f444974beda618ad11ab53facf70433e3cc234e8b7c6b6c01e60a6971a98f18
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
407c0ea74212ba3a966ae1d7cf3c8ecf68e6071c8b6194fa830e4560ec13635b
40c84dfb91da49bb7e4aa1db312d9e3985c60e3fa263a4ff6623c31a45736f8d
40d21780512932deeed493add99ab54d1f4b53f060e4ce614bfa14d14e3ec707
40d3e417b9b04c92bd705bcb20c234420ea1c81a4cff83afc33033d080233cc3
412da37a2894962aa0215a328203b5f4b9b077983f81b3a746d0c64559b54c17
415c096c8fef11146025d09782f6b01569eb08dac17e60c92b6d0739f406876d
41d1a034a8704ed9d1ee489d56bf3aeedcad74d89639b3066e752d3f3bdb519f
422ba40e0c4b5b757a49125398d403f1815b672cddd72e7eddeffb1497e5c568
4265686660c12d10f6954d8dec60884933d680f10dd79a4ff7a76c016d62f39a
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4485a31f8636be02acd5e3ad5c9fedf9a0ba89906c5ba327c0f2d06787ea8cf5
45986891113c4ae3780f4974cd3facaf0146bf46605c1b9ef525896d75fa6aaa
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4707a9ffea591173553e19e83e1ef9d2c2e6ab1a99c53e786ce085f5f3ed3ee2
476d80c2092cb216c73ec1efe55ad2b16d88911c0d05d6a2545205b38a757528
483cdb6694196232fa95ccfda0a24777b3f6c9349b20dc3ce304f447c24ebee7
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4a1e0abfdb96853771278d05752b869eecfbde0af375368eb0e277dbaefba3de
4a23bb9735adef0d14b41b552116f24a195b12d47029a6725305e921c5410ebf
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
4b3ca836bc65a026078313b6d5982c6320b4c9b6c606aed2a47e9a704642644c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768
4cda4bf9a93b684d19e62ba95325a2ef2d02a1474c650f1728dbf2526bd84d31
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e83341c098d5d3d2f449b411fef0e370d5bf3d4f808c1736bbb2b7fd8da267e
4ea50e0c9b3f7750fd4f01735f3c83c64f2ced8435701d11f19dc9d3c856434d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
516b9ededf97d420fff1b84e80f1f1e2fcc3cd60b713a8b56a3dc51e365c2cf4
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
52f19952a70a24721115979be298fd78ebd12372d88c63cc59e11788851d42ad
533caf35f2cda9c367634996d96ef8a9482bd2b9a8ad56beb0d7bc6927bc7f6a
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
568fe3df9ca006affe9736ce79f4945b14af957f285d9aaac8eac9acfd1a4c4f
5695f8317f3c82772c4793fb9145d45cd56cc43d79b27737a37e3bd030ab3baa
570eb26b1f69dc91b116affae587952ea205228975cec892890a16dab882124f
5c96361404b7bdbe55bad860d3a0b6f234cf627dab119b29cff3d7b3cfc1f719
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5d7cd8467d915e302c4e5e648ec8f471cb68a9a0fc9e881acebea2cdc27b7843
5e24b61f7ae7a4e552208ab7eb54601da5fd5af5a24a5cf542839398a33a9630
605749e8dd778106d2fe76698d7070d4d49af283cb8539aebcc37336254587f3
60f02d79244d0fadb7a683bc26e4a5600d42ab7d96b6f9fb345f2aac509d7f2b
61496aa1a9c3d26cfc292b41fc451a597a47468117c1fb258226a57296390433
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c3f279c024c4b28081fb6bda43f4e25dd8e7d9efbe3ade1d4ee0b188f88e79
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6338a209a07530e60e6d60e4fd0d2fc62078b98c8b8953dd97c3cc60703791ad
63741eca9eda562e18659e715046db377b3df29e2adb9c13ca28fcac1c69a2c9
63af22e1c5c589f8c9cd306d5f183af391b4dbb7487aaf28211499473d234b6d
659fb269caef27fb6c733c44505593fb6f6279d3a0ae5efd6a581b07432cef10
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cc034fe4dbedb8eb1d97c550bc0b5a394b294053ef50409c87c951e2feb626f
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
6f0829f2cd5a9fe98cc6e0932b366289c3c2d18a30922bbea4ba8ef5af4f41d7
6fe3c3849b8d63009dc4c89ff20e418ca4cea135043dd36551a9b9b2af3e41b4
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72b2181e58d5c45800d66d36702794ca5ae5bf1fbc20f106442b7eac3191a623
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
73bf95e9a7ab54356243de27569be7dc81f10b9acdec742f25349698bc753b75
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
77b8ee6b3a8442b681e4bacb27c4fc82ad87c5953b8497700507bf3be7c6a26b
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7ac163dd308e4cffb0524b156b8706b12395d3b859673c1bf3eca99ce8206af4
7b7d39175695b4e40a3e354284f63bbf7e68b38b00d390b56e921799dcc972f8
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
7d66d341c38f20fbebbec8f7528345208362d87e9782183e64fc29b5a0f655d2
7da19bc4a3bf578f18da57a2ecce31f6c394bc89711b7c173c30e9d67cff27d4
7e74f145bb6188295987d4055b46662abf9b1e7e581183fb08ad33da47169e04
7f46af98ac174d5319325f9ad6bb934cecd962e22ed5ea15d010e70d2ab9e6cf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
8095e046d436d9957b442dad9827d0289469e91f12cd94f68ffc90198e3b4f31
81333edbc0c23216dff29ac67ff2950850592c91086d294731262193b54c55be
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c11304073be20684fde0d9c0e334a56cbe6f261d4f64fe30718eb7cef1eb21
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e2167e77945cd0b8774945229d3bbd912247a9086435fe4396ee5364391f56
869a589a48cc6c4b630a9d54e98995b084bf88d8bb0774f09e31455ae1517d17
878793ac3ff669357282f8608542fbb5602c9f99fe40d310dee8ef34b9e51a62
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89eedbbed5f6250bae17d20c99aeed287acc82e0e1dbf0a38c5e9c95b61ecdc9
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a41c38a73c88d41f76fee0ff176b1fb6c365e688f23e8c8e11a4a81638f158c
8a513e9310b41b8005dc6c8a479188d256e40e27e7f8e8497bc21405abe15f74
8d41ef500024d90580d8726687e4865284b5630f1f41367393ff50ff4f2917a0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8eaa3b3ac2b1d6e12669a67f3a8aeaf668ef71ca9b503654ce72e08d55d32e37
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
90920ca95a749698c52df2e9af9b4f533bd6368b345f90125a96717726452b92
911f8bf5fc6e99e7009d8ba1a822dc5ad70706ea54edad681d285215693e5958
9187ba048e965aab532234ce6ed0e7aa70ab24676c118485f0c5a56cdd135f66
932470ea29d7b4b6f4440a502d623ee306108bf3604d0d020f49e496c2e3e4ee
93e307064c21228d99d736aa2bb547c492c22abcf18240fab1cbcf0c34bfeeaf
96aad03121e284cca1e0e32862ae08b7a83a17a316961bb35c4ca35082063cdc
97005dd25cf70a636dc3cbbdf6b292ce3a83275dc375c313125aa845695a06d2
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
983acab334d838f0a0f8fb1d60e51f82f48e40dc7a09ef88110468d6368a17c4
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9cb88ade7bc4ef04c13f043eaaa2d355b5b5a45099ebb64d34b3db5b5dd8575f
9cc2a0883f34de88a48068993117840b77720d075674c13718701ba72f4bd121
9d0101d9265d80d8eb438e61f6696ae78aac23db31b6d30f496ca833d147aaa3
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04134f4ff51064b1060088f4120279252bbebcf58da8a3e4dd6ae6eea0e29c6
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a18592f41ad4b992e4381c88220d5061c2ef48ebac2879d9f5b3eb5bf511b298
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a22e6771030d9d1b2124aadc16f1c95381d0184a83f28e80c039dbb6ae8671d1
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
a47d2e466e88d30d4bace81030eedee32b9a066ec9b3eb8e7cd77b714da38fe2
a4ba58bee2e4589e7c27a5117067681d0c2dfc24c833ff8f917cdb70eeea5854
a521950f1948a200623213eab300c11f85e8c66c6ec3247f55e0ae4518c22411
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a552ff7640fb26c3d96b137019553bc57718c2b895fadeb35228971e325976df
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a9037060df03210c6d886329dcacd8db520db1e15b956addd9e54a173f94aeb2
ad50a22f5bd93d8c1110ce46afc8b8a6509451830da8d983c6f7c59da8aaa0e7
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
ad897e755d66db39445044cf4cf55b648f5eeee70d99acb97b020f896adf239f
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8
b0978fb0412437ad74f3482f09b3c0084254e06ca8a3956467c7a388746ab840
b0dc69ead89bbbf92f426439ead6395d9d46441db7689d990615407c7a3a90b9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b5a70a13cd82b817774b908b31f96aa3d4e318dcb62aae93eaeb577f3ad621b4
b7506715d8ff403a7e4a56b46e757ecd12c8a59e4c48d8f0478b62186f51bb1a
b7bcd8d825fc5b227588fe253e0a17d4562d25253dbe5a67a6622e80fbda44b3
bac47306a43a09eaf899059ee919071edb1e38426bb18145bef04d2a2eec1f2d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2b67f368d14d849ed9616fc8fc9a4c0a138b8f5bccbb25363a5b7e0f0afd14
be55fb86a6ce047ebd1b240fcb8242819b7c0a511720c3496171b8bd30a6c0f5
be8b82cc4b0eb56e82712c74a3ae95930167e9c287ebaea1ac232535d0b0e9dc
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c4365d6a32488177cb54ca675336e93c4c39820a478065dbca8092963cd4063f
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c56c33829d5499932d8ab2acbfcaa984cb7892e55cc4c78a25b788346d3da8b5
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c75b05bf2836d54cfdba76825b65d80ea4ee62cb0caae0425471f018c929d935
c86d792f85479bc941b4eb8e817e461f88e5b57097f65c48529b509857bda2ea
c8a60a42eab50f22505ac6b31ceaaed1e0172947d221050211bf50216942f43a
c9650c9340f09ad312af51509d7d57daa3f04348e9d55cc1f274e2c177d04812
c9f581d340bfc6744ba2045f76253c9cf32ea544ed3f777cc9f4f53e81e9e858
cae765e89c38588186de4b36811acb8e873a674a2ca9223dca8fb391a012082b
cb5044d90e4cd2c38ec38509ff1aa130c55af37d772fab51d5d95acf3c6bc7c4
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cc65b850444ef04ef08e3ace3d13e19b693c6c07543ddde89579fcd3326771eb
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc5aae5065f222992294eef20dcf01fefcda452259ae480d4606a69cd6089fc
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d055869d88ba5d349e48918187fbe6e5960379aa97dc94a9bcaf7e6f9a96950e
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d111646fd38b94952eee0ad35c5d980e1f7001b68233606077280771b1963bbf
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1c3a75443c7717879309fe989393047db377fac18668cd72ea42e551e9f9145
d2df93cdf82ecadb17fa1511e62333500fee1411eca884eb02d6ed77c2c1a339
d6538d14a154a00f122faa7988c3e5c8f1842833643000af158ee45e2e9cde05
d71bed966dc37c0287eaf68902ebea8eb44f104cb8c288866694769555844f22
d8511cc0f5888a6bb21a72ca35fcb8828d354b14b67aaf385de7b322f3842097
d9f921dedc80efa4e2d38ee93c64da3b3cd00b1956568e49876839071f6ccbac
ddb235a94d689531eb689cc9376a5ee19377420568bab9bb87c0cbe7b9684eaa
dde6cbe139a1b61c30c174967db2c281b294f7818c5709a4585e5a893227bf5a
de135524a2a2bb1da6ccccdc70fc5bb2bdeccb877049320162c7d5651277cd08
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2eae23d81189464bfbeff599e5b01c07956f77b4e9fd7557cc16a93fd5c2f9d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47b5e67ce5170d91fc57ccbd60e052a6741194d49b71054f8f8fc9d3303bb4f
e4e178267bfdc698323cbb5799803a9b5741c9ceeb398fa2c6ce364afdb906a6
e51bf4a5da89c223a83617078b466770b1e4d590f2430e74de39ce765762c840
e566ce69b9b552fb2a905a796eeafc79cc7a3910b82fbc7051333753ed3b7394
e6c6fadb7b79bb2354f56478fe0896103037b1e4c99bcb07dedf7ae93af33d91
e80a791036f28fbbcd713b2f6db8395f4c546b776bd21c764184893e3217a518
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebdf25c85a1276ef774df6b14d61248102a77caff988a4333cf13e16809176f5
eca568615603f6bba0028753fe59c0143db623292b810b05a032997ff754c8b4
ece028cb789206aad16cd8850d3710df9d6bc7921fd4ec3db36da52d206844b1
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
ee0302724c21fa61fe038088ebeeb2363f1036d92e3fff184426d835527be8c5
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c41eeff0ce4ab9dc984fbbf6c4db0a0affd73d03d47159d6b8e5f3de7e2212
f1e952aa1aa6d8a0cebcf7188ad329c3f7d86fc42448c9b7f69c7d658f72d4bd
f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f759cefc88a2c554f946a01dfe2df9521c5c213a63495dd0d2978adf78f171a8
f7dab5126b1bc9e642dc36a68128065562b26063d7090f894a9da793c6a0fbe3
fa1a3bdc205ed130a486970f4c2037ff1003c697c5b6174296e1d3acb2976aac
fa2f2c409ec8c3790f3a2824ff3644873de9ca6700b7b3add056837bb677ee9f
fb02378f75830c5ad77dd9ecf08ca1d4a6a244e28ff2b39f8d33fbe3af78ff2f
fba89eddca34e14d291ac3a77e1b5389505c3d69e227f0ccb41bc5c4de82d534
fbee24bd8f5937fc442c6f42f00fcf52564867098294efb1bbe94b9ee3c9bde7
fc2c3fe71c43a0bc57f6b3fe05b1eea81da13926cf65dc252b65d76e44d8cb7e
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fd17e8a0d154667c61ba568d2f3b72859b9a834c40a446e996272be80cdf7eee
fdc97bcb8264dd4cd41bbdd41f4edf2312ae63352b266d749111bfb41adb1bbf
fde8f9126fb544ce3297062f2cf0745ccb437db2a8a7f87fab20d2f17a7a10ab
fe5a5f3469030993701e2cb0c63a1a66b1a3d59f87d35a5fc0fb0503fb534cd4
ff481dff2c7fe1fa65b0a3aa102af3cfa8e84accfef30f035df480112d3ec8e9